Re: Generic content filter available?
From: Erik (erik@geenspam.vanwesten.net) Date: 03/24/02
- In reply to: mpsarros@iiic.ethz.ch: "Generic content filter available?"
From: Erik <erik@geenspam.vanwesten.net> Date: 24 Mar 2002 12:30:59 GMT
mpsarros@iiic.ethz.ch wrote:
> The company I work for wants to add a "content filter" before the host
> system for protecting it against crack and DOS Attacks.
> This would be just a server which accepts connections only at a specific
> port where the data for the host would be sent (acting like a normal
> firewall) but it would also control the data that comes to this port
> for their correctness and specification compliance (something like
> "proxy", "content filter" or how it could be also called).
> Until now I have only found http-proxies but our protocol is plain TCP/IP
> not built upon http. So I would like to ask if there exist such generic
> filters or at least a framework as I don't want to reinvent the wheel...
> If nothing like that exists, would it be easy to implement one by
> rewriting an existing http-proxy? Which one would you suggest?
> The whole thing should be running on Solaris, FreeBSD or Linux. Windows
> is too insecure, closed and proprietary to be taken into consideration :-)
> thanks for any advice
> Michael Psarros <mpsarrosATvis.ethz.ch>
Have a look at hogwash <http://hogwash.sourceforge.net>. This might be
exactly what you are looking for. Downside: not officially stable yet.
It is based on a bridge which does _not_ run a tcp/ip stack, and is
snort based. Very very hard to bypass.
EJ
-- For OpenBSD pf and nat rule examples: http://www.vanwesten.net