Sat, 22 Jun 2002 00:26:46 +0100
On Saturday 22 June 2002 12:16 am, James Mello wrote:
> > > No, but there are experimental modules that will allow you to enforce
> > > your own rules. I've heard of some IDS or attack detection
> > > capabilities being done through IP tables.
> > What sort of modules ? I *hope* you don't mean the 'string' match ?
> Yeah, I actually do mean the 'string' match :) I've got some friends who
> used this to do some filtering on content on their own internet exposed
> boxes to prevent stupid Nimda worm and other attacks from being
Hmmm. Okay, I'll agree you can do a certain amount of string matching, with
a certain degree of reliability, wiht this module, but I think for an IDS I'd
rather go for snort / hogwash.