[140027] in North American Network Operators' Group
Re: open source DPI suggestions?
daemon@ATHENA.MIT.EDU (Kornelijus Survila)
Fri Apr 29 08:59:14 2011
In-Reply-To: <09aa01cc066c$b0437fb0$10ca7f10$@oneunified.net>
Date: Fri, 29 Apr 2011 07:59:07 -0500
From: Kornelijus Survila <kornholijo@gmail.com>
To: Raymond Burkholder <ray@oneunified.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Snort (http://www.snort.org/) is also a nice IDS. They provide paid and free
rules/signatures.
-k
On Fri, Apr 29, 2011 at 7:55 AM, Raymond Burkholder <ray@oneunified.net>wrote:
> > > Can anyone suggest any open source DPI (deep packet inspection)
> > projects?
> >
> >
> > I'll recommend Bro-IDS (http://www.bro-ids.org/) as it's what I spend my
> > days working on. It's essentially a programming language for long term
> > network traffic monitoring which is focused on doing deep decoding of
> > application layer protocols. (and it's BSD licensed!)
> >
>
> http://l7-filter.sourceforge.net/ might be another candidate.
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
>
