On 8/2/06, Rajkumar S. <[EMAIL PROTECTED]> wrote:
Hi,
I was reading through an interview of pf developers[*], where Mike
Frantzen commented that
<quote>
There are already two ways to emulate Linux's DIVERT sockets and turn
an IDS into an IPS (Intrusion Prevention System). One could use PF to
route the packets to a tunnel device and read them there.
</quote>
Can some one elaborate on how this works? I could not find any other
mention of this technique anywhere else.
Hi Raj, Please see if this would be of any benefit :-)
http://freshmeat.net/projects/snort2pf/
--Siju