[plug] Active response IDSs?
ryan at is.as.geeky.as
ryan at is.as.geeky.as
Sat Aug 3 02:37:39 WST 2002
Do you mean something like this:
http://packages.debian.org/stable/net/fwlogwatch.html
It can launch counter-measures (create new rules or run scripts etc) when it
detects certain activities. It can run as a daemon too, not just a static
analyser.
I've read through the man page but that is as far as I have gone with it at
this stage.
Ryan
----- Original Message -----
From: "bob" <bob at fots.org.au>
> Anyone have anything they care to share regarding active response IDSs?
> I seem to be being hammered a bit at the moment and was wondering if
> there was anything decent in the way of IDS responses.
>
> And what are they looking for on port 33575?
>
> --
> bob
> Cave canem...te necet lingendo.
>
>
More information about the plug
mailing list