On Fri, 2006-03-17 at 08:38 -0800, Dan Thurman wrote:
> I have been using a lot of tools from packet analyzers
> to firestarter and such but I have yet to find a powerful
> security tool with coarse/fine grained monitoring of say the
> top X IP activities of IP accesses to systems of interest.
>
> I have used BlackIce and other ISS security tools before but
> I am interested in any free or opensourced security tools that
> allow one to monitor these activities in real-time mode.
>
> I was thinking along the lines of something like what is in
> firestarter, top, and system-monitor combined in a way that
> allows for maximum flexibility when monitoring IP accesses
> and possibly with the addition of event notification of say
> a DDOS attack or port attacks or any of that sort of thing.
>
> Occasionally, I may suspect that I am under attack and would
> like to whip up the security monitor to start probing for
> potential attacks and to assuage my fears and to take any
> necessary actions to thwart any further attacks...
>
> Anyone have any suggestions?

Sounds like you want to look at snort and some of the tools that have been built upon snort.