[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] ISS - Cheaper alternatives ?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Monday, November 20, 2000 11:07 AM > > You can use SNORT, it´s for free, but I don´t think that it > is integrated > with Firewall-1. It´s an IDS, has so many policies > pre-defined and run under > Linux(i.e.). You can configure it to generate alerts and > reports, but I > think that the real time responses, like kill conect and > re-configure your > firewall will be lost. I have snort running and integrated with FW-1. Certain snort alerts will trigger a SAM block of the offending IP address. Currently it's a set of two batch files, but I'm planning on making a little app out of it for performance reasons. (unless Mike can give me syslog in snort Win32 ;) If there is any interest, I can send the batch files and instructions in email. Regards, Frank -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.1 Comment: PGP or S/MIME encrypted email preferred. iQA/AwUBOhmXtkRKym0LjhFcEQLvRwCg3brijWpbr6jBAdOdrTKR64e+FMcAn1vP IFqJvcpvyHoAq00UQAcZEz62 =Z6bb -----END PGP SIGNATURE----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|