[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: ipfilter/Big Brother integration?
From: Flemming Laugaard <flemming.laugaard () uni-c ! dk>
Date: 2003-08-31 18:31:46
[Download RAW message or body]
On Sun, Aug 31, 2003 at 02:08:45PM -0400, Eben wrote:
> I would like to have Big Brother alert when a port scan is attempted
> against an ipfilter firewall.
> I see at least two ways that it could be accomplished:
> 1. A custom Big Brother module looks at the ipfilter logs and alerts on a
> port scan.
> 2. Another application creates individual report files from the ipfilter
> logs representing each port scan, Big Brother would then alert on the
> existence of a new one.
> Has anyone implemented a working solution?
> My requirements are that I must use both Big Brother and ipfilter.
> Thanks.
You should propably look at PortSentry
( http://packetstormsecurity.nl/UNIX/IDS/portsentry-1.1.tar.gz ).
And then do some scripting :)
--
Kind regards
Flemming Laugaard
------------------------------------
Reality Bites... and doesn't let go.
-- Unknown
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic