Intrusion prevention

Vern · August 23, 2005, 6:01pm

Is there any plan to make Bro run in 'inline' mode as an IPS ?

We're doing this as part of a DOE-sponsored project for coupling Bro with
custom hardware (per Chema's comments about his thesis work). The resulting
design will support Bro running as a stand-alone IPS (i.e., without needing
the custom hardware), though that's not our near-term focus.

Vern

Adayadil_Thomas · August 23, 2005, 8:38pm

Will it be interfacing with a firewall like iptables (like snort-inline does) ?

Thanks

Jose_M_Gonzalez · August 23, 2005, 10:03pm

Adayadil Thomas wrote:

Will it be interfacing with a firewall like iptables (like snort-inline
does) ?

Sort of.

I'm writing the details for my thesis. Will let you know once it's
finished.

-Chema

Topic		Replies	Views
Intrusion prevention Zeek	3	80	May 6, 2022
Intrusion prevention Zeek	1	115	May 6, 2022
Can bro be act as an IPS? Zeek	4	154	May 6, 2022
IPS Functionality in BRO Zeek	2	87	May 6, 2022
Bro as an IPS Zeek	2	84	May 6, 2022

Intrusion prevention

Related topics