[Discussion] Features suggestion
Jeremy Hewlett
jh at dok.org
Fri Nov 7 21:31:41 UTC 2008
On Fri, Nov 07, 2008 at 13:22:11 -0500, Jason Lewis wrote:
> devices for the end goal of preventing network attacks? Instead of
> building a tool that stores netflow, how about a tool that can control
> devices that already collect netflow and use that data in a smarter way?
I've been using IDS with IPaudit/IPaudit-web* with reasonable success in
tracking (potentially) compromised hosts. The graphs also give a quick
overview of host and traffic conditions (caught quite a few p2p users and
worm outbreaks with the graphs alone).
*http://ipaudit.sourceforge.net/ipaudit-web/
More information about the Discussion
mailing list