I know it's not what the client asked for... but since its free and worked
well for me, each of the client boxes should run portsentry to detect
portscans.
Is the DMZ a hubbed LAN? You could sniff all the traffic and try to match
patterns. But really the better place for this would be on a firewall
seperating the DMZ from the Internet.
-Alan
----- Original Message -----
From: Jim Mills <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, June 16, 2000 10:18 PM
Subject: a fortress in the DMZ
: Hello all,
: A client has asked me to design and build a standalone box in their DMZ
: capable of detecting port scans of any of the clients public IP addresses
: and then sending a notification to the enterprise network management
: console.. (smtp or snmp ) this machine will sit in the public IP space and
: should monitor the whole subnet for attacks or DOS attacks.
:
: I have done some reading ( need to do more) and have some ideas but it
never
: hurts to ask...
:
: Please reply directly to [EMAIL PROTECTED]
: I will keep the list posted on this project if there is any intrest.
: Jim Mills
: [EMAIL PROTECTED]
:
:
:
: --
: To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
: as the Subject.
:
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
