
ITP: shadow-sensor & shadow-analyzer



The shadow project (see http://www.nswc.navy.mil/ISSEC/CID/) provides some 
tools to allow a machine outside a firewall to be used as a sensor (using 
tcpdump to grab all the packets), and a machine inside the firewall to analyse 
that data, and turn it into useful reports about potential threats on an 
intranet web server.

Hence the two packages.  The sensor is installed on one or more machines 
outside your firewall (or perhaps simply on your firewall, if you are less 
paranoid), and the analyzer is installed on an intranet web server to do the 
analysis.

The software is either public domain, or distributed under the phrase 
``approved for public release, distribution is unlimited'' which seems to mean 
the same thing, according to the author.

Cheers, Phil.


