Re: Re: How do *you* secure your network with Perl?


XP is just a number
	PerlMonks

Re: Re: How do you secure your network with Perl?

by Rhose (Priest)

on Mar 27, 2002 at 14:58 UTC ( #154680=note: print w/replies, xml )

Need Help??

in reply to Re: How do *you* secure your network with Perl?
in thread How do *you* secure your network with Perl?

While you *could* write an IDS in perl, I am pretty sure any link with much activity would cause the PerlIDS(tm) to drop packets.

However, a better use for perl in your IDS implementation is in the role of analysis scripts. Your IDS implementation should probably consist of one or more "quick and dirty" systems -- snort (or your IDS of choice) with fewer rules, and one or more analysis machines. Perl excels in the analysis role -- processing "historical" data.

Comment on Re: Re: How do you secure your network with Perl?

Replies are listed 'Best First'.
(shockme) Re: Re: Re: How do you secure your network with Perl? by shockme (Chaplain) on Mar 28, 2002 at 03:20 UTC
On the subject of analysis (and somewhat removed from "modules"), I've had great success with Psionic's PortSentry, HostSentry and LogSentry. If things get any worse, I'll have to ask you to stop helping me.	[reply]

In Section Meditations

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://154680]
help

Chatterbox^?

How do I use this? | Other CB clients

Other Users^?

Others perusing the Monastery: (2)

As of 2023-04-02 03:34 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Voting Booth^?

No recent polls found

Notices^?