On Saturday 22 June 2002 12:16 am, James Mello wrote:
> > > No, but there are experimental modules that will allow you to enforce
> > > your own rules. I've heard of some IDS or attack detection
> > > capabilities being done through IP tables.
> >
> > What sort of modules ? I *hope* you don't mean the 'string' match ?
>
> Yeah, I actually do mean the 'string' match :) I've got some friends who
> used this to do some filtering on content on their own internet exposed
> boxes to prevent stupid Nimda worm and other attacks from being
> perpetrated.

Hmmm. Okay, I'll agree you can do a certain amount of string matching, with a certain degree of reliability, with this module, but I think for an IDS I'd rather go for snort / hogwash.

Antony.
