Re: Re: How do *you* secure your network with Perl?


Do you know where your variables are?
	PerlMonks

Re: Re: How do you secure your network with Perl?

by Rhose (Priest)

on Mar 27, 2002 at 14:58 UTC ( [id://154680]=note: print w/replies, xml )

Need Help??

in reply to Re: How do *you* secure your network with Perl?
in thread How do *you* secure your network with Perl?

While you *could* write an IDS in perl, I am pretty sure any link with much activity would cause the PerlIDS(tm) to drop packets.

However, a better use for perl in your IDS implementation is in the role of analysis scripts. Your IDS implementation should probably consist of one or more "quick and dirty" systems -- snort (or your IDS of choice) with fewer rules, and one or more analysis machines. Perl excels in the analysis role -- processing "historical" data.

Comment on Re: Re: How do you secure your network with Perl?

Replies are listed 'Best First'.
(shockme) Re: Re: Re: How do you secure your network with Perl? by shockme (Chaplain) on Mar 28, 2002 at 03:20 UTC
On the subject of analysis (and somewhat removed from "modules"), I've had great success with Psionic's PortSentry, HostSentry and LogSentry. If things get any worse, I'll have to ask you to stop helping me.	[reply]

In Section Meditations

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://154680]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others taking refuge in the Monastery: (6)

As of 2024-04-24 09:06 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found