in reply to Re: How do *you* secure your network with Perl?
in thread How do *you* secure your network with Perl?
While you *could* write an IDS in perl, I am pretty sure any link with much activity would cause the PerlIDS(tm) to drop packets.
However, a better use for perl in your IDS implementation is in the role of analysis scripts. Your IDS implementation should probably consist of one or more "quick and dirty" systems -- snort (or your IDS of choice) with fewer rules, and one or more analysis machines. Perl excels in the analysis role -- processing "historical" data.
|
---|
Replies are listed 'Best First'. | |
---|---|
(shockme) Re: Re: Re: How do *you* secure your network with Perl?
by shockme (Chaplain) on Mar 28, 2002 at 03:20 UTC |
In Section
Meditations