On Sun, 2002-06-30 at 20:37, Richard Amerman wrote: > > I would love to use Snort but feared that it was too big. Is it reasonable?
Richard, David packaged a version back in Dec. of last year. snort.lrp 17-Dec-2001 06:48 176k http://leaf-project.org/devel/ddouthitt/packages/snort.lrp > -----Original Message----- > From: Mike Noyes [mailto:[EMAIL PROTECTED]] > Sent: Sun 6/30/2002 7:07 AM > To: [EMAIL PROTECTED] > Cc: > Subject: RE: Software write-protect (Was: Re: [leaf-user] Floppies) > On Sun, 2002-06-30 at 03:50, Erich Titl wrote: > > Agreed, but now we have to see how we can stop such a skillful attacker. > > How can we protect the RAM disks from someone determined enough to upload > > and execut code bytewise. Anyone can fingerprint the IP stack and scan our > > system for loopholes. Some firewall products detect this and drop the IP of > > the attacker immediately until reboot. Do we have such a feature? > > Erich, > NIDS products PortSentry and Snort will do this. We have packages for > both available. However, they aren't installed by default on any of our > releases/branches. > > PortSentry > http://www.psionic.com/products/portsentry.html > > Snort > http://www.snort.org/ -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html