-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> Sent: Monday, November 20, 2000 11:07 AM
>
> You can use SNORT, it�s for free, but I don�t think that it
> is integrated
> with Firewall-1. It�s an IDS, has so many policies
> pre-defined and run under
> Linux(i.e.). You can configure it to generate alerts and
> reports, but I
> think that the real time responses, like kill conect and
> re-configure your
> firewall will be lost.
I have snort running and integrated with FW-1. Certain snort alerts
will trigger a SAM block of the offending IP address. Currently it's
a set of two batch files, but I'm planning on making a little app out
of it for performance reasons. (unless Mike can give me syslog in
snort Win32 ;)
If there is any interest, I can send the batch files and instructions
in email.
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1
Comment: PGP or S/MIME encrypted email preferred.
iQA/AwUBOhmXtkRKym0LjhFcEQLvRwCg3brijWpbr6jBAdOdrTKR64e+FMcAn1vP
IFqJvcpvyHoAq00UQAcZEz62
=Z6bb
-----END PGP SIGNATURE-----
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
