Re: New Trend: Intrusion Prevention

[Alberto Gonzalez <albertg () cerebro violating us>]

Well, Intrusion Preventing has hit snort in the form of snortsam[0] 
hogwash[1] and snort-inline[2].
I suggest grabbing and playing with all of the above examples and see 
which one suits your environment
the best. I've been running hogwash for a few months now and just 
started playing with snortsam now that
the pf plugin is here!

Cheers!

   - Alberto

[0] - http://www.snortsam.net
[1] - http://hogwash.sf.net
[2] - http://www.snort.org/dl/contrib/patches/inline/

Sheahan, Paul (PCLN-NW) wrote:

> I attended Infosecurity 2002 yesterday and there was much talk about
> intrusion detection going away, and intrusion prevention replacing it. Does
> anyone know if there are any plans to include intrusion prevention
> functionality into Snort in the future?
>
> Thanks,
>
> Paul Sheahan
> Manager of Information Security
> Priceline.com
> paul.sheahan () priceline com
>
>
>
>  

--
The secret to success is to start from scratch and keep on scratching.




-------------------------------------------------------
This sf.net email is sponsored by:
With Great Power, Comes Great Responsibility 
Learn to use your power at OSDN's High Performance Computing Channel
http://hpc.devchannel.org/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users