LAk -> Intrusion Prevention System


IPTables with ip_queue Enabled
IPTables can be downloaded for free from IPTables is one of the most used stateful firewall softwares. IPTables has a feature called ip_queue which is used in deploying an IPS. Hence if ip_queue is not available it has to be enabled and the kernel has to be recompiled.

Snort_Inline is an inline, signature based intrusion detection system. It is one of the most versitile detection systems available in the open source world. It is a modified version of snort.

Snort_inline is a pattern matching IDS & hence will require its lates database of signatures This signature database though is made for snort, with minor modifications could be adapted by snort_inline. Hence the convert-IPS script surfaced to edit the rules for compatt.

Powered By Logo
Last Updated: July 15, 2003 20:09