Security Basics mailing list archives
Re: IPS
From: "Jack Whitsitt (jofny)" <seclists () violating us>
Date: Thu, 13 Mar 2003 13:09:39 -0500 (EST)
No experience with Top Layer's stuff - although I, too, am interested in hearing from others. For IPS there is at least: 1) Hogwash: Layer 2 packet mangler based on Snort originally. Now moving away from Snort...it drops, logs, or alters packets according to IDS rules.http://hogwash.sourcforge.net 2) Snort-inline: Similar to Hogwash http://www.snort.org 3) Bait and Switch Honeypot System: uses Snort (and it a part of the most current Hogwash release) to redirect hostile traffic to a honeypot based on IDS rules.http://baitnswitch.sourceforge.net -jofny
Hi Has anyone experience with Top Layer's Attack Mitigator IPS does someone have 'daily'/ 'real live' experience with this product?( eg how did they handle the slammer issue& recent other MS flaws, or unix flaws) so far just found only commercial tests Client would like to know if there any similar IPS available either free or commercial one's at first needed for an MS environment Cheers JC
Current thread:
- IPS jc (Mar 13)
- Re: IPS Jack Whitsitt (jofny) (Mar 13)