possibly ipkungfu? http://www.linuxkungfu.org/
Printable View
possibly ipkungfu? http://www.linuxkungfu.org/
With snort just remove all the standard rules and make a few of your own.
Quote:
Originally Posted by d34dl0k1
Exactly. Just becuase it has hundreds more features than you need, don't rule it out. Only use the features you need and disable the rest. At least with snort there is going to be plenty of signatures that you can use for templates and the documentation is pretty good. Try writing IDS/IPS rules for other platforms. Many of them are very confusing...Quote:
Originally Posted by SirDice
BTW: Didn't see it listed. You said it was a high speed critical link, but you didn't define high speed.