Re: TCP/IP Filtering

From: RCC (rcc76@hotmail.com)
Date: 09/04/02


From: "RCC" <rcc76@hotmail.com>
Date: Thu, 5 Sep 2002 07:42:22 +1200


"P" <sdfsd@sdfsd.com> wrote in message
news:qzcd9.1191$Sr6.43692@ozemail.com.au...
> I use snort all the time but it doesn't drop packets as far as I know it.. I
> haven't played with the flexresp which is supposed to reset any connections
> that snort identifies as potentially troublesome but that's still not true
> packet filtering..
>
> Paul
>
> "RCC" <rcc76@hotmail.com> wrote in message
> news:#ZjjDR4UCHA.2424@tkmsftngp10...
> > "P" <sdfsd@sdfsd.com> wrote in message
> > news:RtWc9.941$Sr6.33721@ozemail.com.au...
> > > Has anybody written a packet filter around it?
> > >
> > > PC
> >
> > Did you have a look at all at SNORT? AFAIK it can dump the packets in a
> > database or text file (log?)
> > Regards,
> > RCC
> >

 Hang on, we're talking about two different things.

"Oh how I yearn for a freeware packet filter on win2k that enables you to
log connection attempts"

 I'm sure SNORT logs that.

 In terms of packet filtering:
"WinPcap is an architecture for packet capture and network analysis for the
Win32 platforms. It includes a kernel-level packet filter, a low-level
dynamic link library (packet.dll), and a high-level and system-independent
library (wpcap.dll, based on libpcap version 0.6.2). The packet filter is a
device driver that adds to Windows 95, 98, ME, NT, 2000 and XP the ability
to capture and send raw data from a network card, with the possibility to
filter and store in a buffer the captured packets.
Packet.dll is an API that can be used to directly access the functions of
the packet driver, offering a programming interface independent from the
Microsoft OS.
Wpcap.dll exports a set of high level capture primitives that are compatible
with libpcap, the well known Unix capture library. These functions allow to
capture packets in a way independent from the underlying network hardware
and operating system."

 Now I don't seem to be able to find a packet filter as such for it, but I'm
sure somebody must have created one... I understand your point and I'll keep
searching.

 Regards,
 RCC
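
The capture-versus-filter distinction in this thread, as an added example that is not part of the original post: the per-packet check a capture callback built on a libpcap-style library could run to log TCP connection attempts. The names `conn_attempt`, `parse_syn` and `sample_syn` and the sample frame are constructed for illustration; the code only inspects a frame it is handed and has no means to drop it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical record for one logged connection attempt. */
struct conn_attempt {
    uint8_t  src_ip[4], dst_ip[4];
    uint16_t src_port, dst_port;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 1 and fills *out if frame is untagged Ethernet II / IPv4 / TCP with
 * SYN set and ACK clear (first packet of a connection attempt), else 0. */
int parse_syn(const uint8_t *frame, size_t len, struct conn_attempt *out)
{
    if (len < 14 + 20 || be16(frame + 12) != 0x0800) return 0; /* not IPv4 */
    const uint8_t *ip = frame + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 6) return 0; /* not TCP */
    if ((be16(ip + 6) & 0x1fff) != 0) return 0;   /* non-first fragment */
    if (len < 14 + ihl + 20) return 0;            /* truncated TCP header */
    const uint8_t *tcp = ip + ihl;
    uint8_t flags = tcp[13];
    if ((flags & 0x02) == 0 || (flags & 0x10) != 0) return 0; /* need SYN, no ACK */
    for (int i = 0; i < 4; i++) { out->src_ip[i] = ip[12 + i]; out->dst_ip[i] = ip[16 + i]; }
    out->src_port = be16(tcp);
    out->dst_port = be16(tcp + 2);
    return 1;
}

/* Constructed sample frame: 192.0.2.10:49152 -> 192.0.2.20:445, SYN only. */
static const uint8_t sample_syn[54] = {
    0x00,0x11,0x22,0x33,0x44,0x55, 0x66,0x77,0x88,0x99,0xaa,0xbb, 0x08,0x00,
    0x45,0x00,0x00,0x28,0x00,0x01,0x40,0x00,0x80,0x06,0x00,0x00,
    192,0,2,10, 192,0,2,20,
    0xc0,0x00,0x01,0xbd, 0,0,0,1, 0,0,0,0, 0x50,0x02,0x20,0x00, 0,0,0,0
};

int main(void)
{
    struct conn_attempt c;
    if (parse_syn(sample_syn, sizeof sample_syn, &c))
        printf("SYN %d.%d.%d.%d:%d -> %d.%d.%d.%d:%d\n",
               c.src_ip[0], c.src_ip[1], c.src_ip[2], c.src_ip[3], c.src_port,
               c.dst_ip[0], c.dst_ip[1], c.dst_ip[2], c.dst_ip[3], c.dst_port);
    return 0;
}
```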


