Linux Today: Linux News On Internet Time.

More on LinuxToday

Fwsnort: Application layer IDS/IPS with iptables

Jan 12, 2011, 16:33 (0 Talkback[s])

[ Thanks to An Anonymous Reader for this link. ]

"Fwsnort parses the rules files included in the Snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible.

"Fwsnort utilizes the iptables string match module (together with a custom patch that adds a --hex-string option to the iptables user space code which is now integrated with iptables) to detect application level attacks.

"Fwsnort 1.5 now is available for download. This is a major release that moves to using the iptables-save format"

Complete Story

Related Stories: