On Sat, Jan 18, 2003 at 01:57:17PM +, Steve Schmitz wrote:
If you consider gigabit/copper a fast network and can suggest
experiments/meassurements, I'll be happy to conduct them.
TCP window scaling support has been commited to -current (pf.c 1.306).
If you have a spare box to install
I've never done pf without NAT before. Now I've been charged with
building a new firewall to replace the aging linux firewall.
I've come across a couple things in the pf howto at deadly.org that I'm
not sure if I should use.
One is scrub, and the other is modulation state.
What do these do
Didn't want to take this off the list - one last question - would there be
a point to having the rule label pushed through the log? especially with
Mikes useful script here already. it looks like the rule number is enough?
That's a Trick! very clean - I like that - rulenum is the same as the
Does pf have a syntax for intrusion detection?
Id not what do you guys recommend? Nessus? Snort? Prelude?
--Bryan
On 22 Jan 2003, Bryan Irvine wrote:
Does pf have a syntax for intrusion detection?
kidding
Sure!
intrusion detection on fxp0 from any to any keep state
This gives you stateful instrusion detection.
/kidding
C'mon man !.. What is a syntax for intrusion detection ?
Have you ever seen something
Hmm Maybe he's talking about **deep packet inspection**?
http://www.zdnet.com/filters/printerfriendly/0,6061,2898730-92,00.html
C'mon man !.. What is a syntax for intrusion detection ?
Have you ever seen something like you told.
What are you expecting? What kind of syntax ?
While pf has no syntax for intrusion detection, it has some nice features
that aid in intrusion detection.
scrub: makes sure that the intrusion detection system inside the firewall
cannot be fooled by fragments and similiar other tricks that would cause
hosts and the ids see different packet
On Wednesday 22 January 2003 03:35 pm, Bryan Irvine wrote:
Does pf have a syntax for intrusion detection?
Id not what do you guys recommend? Nessus? Snort? Prelude?
--Bryan
I would recommend you look at using nessus to scan your network for
vulnerabilites and patch/reconfig your