Forescout has a tool like that (www.forescout.com) It looks for scans, etc and can do a SAM drop or TCP reset, whichever you prefer.
Bill -- Bill Mathews Open Source Software Advocate [EMAIL PROTECTED] The wise and noble Raymond N spiteth forth upon the land, these thoughts: > Hi there, > Just wondering if there are OPSEC tool that would generate alerts about > port scanning, DOS attack, or other abnormal form of network traffic > patterns? I am not interested about deploying dozen of IDS/IPS agents on > the network. What 's in my mind is a real-time log analysis tool that > will > generate alerts by actively (real-time) scanning the Checkpoint firewall > log. Does this sound reasonable? Any suggestions? > > Thanks. > > -raymond > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
