Re: [Netadm-devel] Hi~ Netadm members~ .. some project for ips tools
Status: Beta
Brought to you by:
linuxpark
Menu
▾
▴
Re: [Netadm-devel] Hi~ Netadm members~ .. some project for ips tools
|
From: jeho-park <lin...@gm...> - 2006-03-02 19:37:22
|
hi kwan-kyung i checked hlbr project and prelude-ids projects. in these three projects, prelude-ids seems to use snort as it's IDS engine. is it right ? if so, it is what i have looked for ~!. i want you to let me know how they integrate with snort ruleset and engine or how they access snort engine with their interface frame. i think this frame will be most important point in our researching. if you find and understand their frame, i think you wll have to design and implement that. in hlbr project, it is some awesome because they seem to add route code in user layer. as far as i know, routing code must be in the kernel layer as our pf.c does. .. i will do more check hlbr code and prelude-ids's. it is not to develop by myself but to talk with you about designing how this functionality will be integrated with current packet prevention module-pf.ko- if you find more infomation about these three projects, please let me know. regards jeho park MoonC wrote: > Hi everyone.. > > I'm find some ips tools and projects. This projects helps to us > research ips engine. > > This IPS works Layer2, > http://hlbr.sourceforge.net/index-en.html > > IPS test tool, Tipping Point open.. > http://tomahawk.sourceforge.net/ > > hybrid open source IDS > http://prelude-ids.org/ > > > > Thanks. |
