From owner-freebsd-questions  Tue Jan  9 11:24:55 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from rubicon.fernonorden.com (unknown [195.139.149.229])
	by hub.freebsd.org (Postfix) with ESMTP id 04BA637B404
	for <freebsd-questions@freebsd.org>; Tue,  9 Jan 2001 11:24:38 -0800 (PST)
Received: by fernonorden.com with Internet Mail Service (5.5.2650.21)
	id <CT3AXC6M>; Tue, 9 Jan 2001 20:20:09 +0100
Message-ID: <25879E6A7E74D411B9370050043B7F3E09F83B@fernonorden.com>
From: Per Tore Larsen <per.tore.larsen@fernonorden.com>
To: "'freebsd-questions@freebsd.org'" <freebsd-questions@freebsd.org>
Subject: Snort or Portsentry?
Date: Tue, 9 Jan 2001 20:20:08 +0100 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.21)
Content-Type: text/plain;
	charset="iso-8859-1"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi.

I need a port that will monitor my firewall for possible
backdoor/breakins/etc and
found out that snort or protsentry would make this possible.

Here's my question:
Will both be able so send mail when on of the rules is activated or a
message
to a windows machine that the port has detected a possible security problem?
Which would be the best to use?

I'm using ipf and ipnat on FreeBSD 4.2.

PeTe


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message