[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Powerful tool to monitor coarse/fine grained external network IP attacks?



On Fri, 2006-03-17 at 08:38 -0800, Dan Thurman wrote:
> I have been using a lot of tools from packet analyzers
> to firestarter and such but I have yet to find a powerful
> security tool with course/fine grained monitoring of say the
> top X IP activities of IP accesses to systems of interest.
> 
> I have used BlackIce and other ISS security tools before but
> I am interested in any free or opensourced security tools that
> allows one to monitor these activities in real-time mode.
> 
> I was thinking along the lines of something like what is in
> firestarter, top, and system-monitor combined in a away that
> allows for maximum flexibility when monitoring IP accesses
> and possibly with the addition of event notification of say
> a DDOS attack or port attacks or any of that sort of thing.
> 
> Occasionally, I may suspect that I am under attack and would
> like to whip up the security monitor to start probing for
> potential attacks and to assuage my fears and to take any
> necessary actions to thwart any further attacks...
> 
> Anyone have any suggestions?

Sounds like you want to look at snort and some of the tools that have
been built upon snort.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]