[Snort-users] Linux Snort-Inline Toolkit (fwd)
erek at ...950...
Wed Jan 8 13:09:03 EST 2003
Just incase some folks may not have seen this.
"When things get wierd, the wierd turn pro." H.S. Thompson
---------- Forwarded message ----------
Date: Wed, 8 Jan 2003 11:01:59 -0600 (CST)
From: Lance Spitzner <lance at ...2024...>
To: honeypots at ...35...
Subject: Linux Snort-Inline Toolkit
The Honeynet Project has been working with IDS Gateway technology
for use as a Data Control mechanism. As many of you know, an IDS
gateway combines the detection capability of a traditional NIDS,
but adds the filtering capability of a firewall.
Once such example is Snort-Inline, a modified version of Snort 1.9.
Developed by Jed Haile, this patched version of Snort can not only
detect malicious activity, but Drop or even Modify it.
To help promote the understanding and development of Snort-Inline,
the Honeynet Project has released the Linux Snort-Inline Toolkit.
This toolkit has a statically precompiled Snort-Inline binary for
Linux, documentation, and a rules converter script. You can find
the toolkit at the Honeynet Tools section.
As always, input and suggestions appreciated.
More information about the Snort-users