Open source firewalls

From: Vinay Venkataraghavan
Date: Wed Jul 13 2005 - 11:36:53 EST

Next message: Robert Love: "[patch 1/3] inotify: move sysctl"
Previous message: Geert Uytterhoeven: "Re: [PATCH] Amiga joystick typo (was: Re: Input: fix open/closeraces in joystick drivers - add a semaphore)"
Next in thread: Alejandro Bonilla: "RE: Open source firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

I have implemented an bare bones Intrusion detection
system that currently detects scans like open, bouce,
half open etc and a host of other tcp scans.

I would like to develop this into a full blown IDS
which is capable of detecting buffer overflow attacks,
sql injection etc.

I know how to implement buffer overflow attacks. But
how would an intrusion detection system detect a
buffer overflow attack. My question is at the layer
that the intrusion detection system operates, how will
it know that a particular string for exmaple is liable
to overflow a vulnerable buffer.

Are there other open source firewall implementations
other than snort?

I would apprecitate it if you could let me know.
Thanks,
Vinay

__________________________________
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Robert Love: "[patch 1/3] inotify: move sysctl"
Previous message: Geert Uytterhoeven: "Re: [PATCH] Amiga joystick typo (was: Re: Input: fix open/closeraces in joystick drivers - add a semaphore)"
Next in thread: Alejandro Bonilla: "RE: Open source firewalls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]