[Shorewall-users] Traffic detection before a firewall is installed

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

There was an ipchains package called mason, if I remember correctly, that 
would monitor network traffic and build ipchains rules to allow that 
traffic through.  Does anyone know of a similar tool that would generate a 
summary of traffic seen on a net.  Maybe snort or one of the other tools 
do this already.  Any help is appreciated.

In my case I have a number, actually about 190, subnets that don't have 
firewalls and so people seem to just throw up their hands and say that it 
is impossible to put in a firewall without breaking everything.  I don't 
believe that but I need a way to monitor the traffic and then build some 
shorewall rules and policies.

Thanks,

-- 
Steve Herber	he...@th...	work: 206-221-7262
Security Engineer, AMCIS, UoW		home: 425-454-2399