[140254] in North American Network Operators' Group
Re: open source DPI suggestions?
daemon@ATHENA.MIT.EDU (Francois Menard)
Fri May 6 16:45:31 2011
From: Francois Menard <francois@menards.ca>
In-Reply-To: <BANLkTimjGkASY8AVx88qXji9XjRwwu_o6Q@mail.gmail.com>
Date: Fri, 6 May 2011 16:43:59 -0400
To: Kornelijus Survila <kornholijo@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
How about RouterOS from Mikrotik ?
You cannot beat a $70 RB750G for doing P2P hijacking.
F.
On 2011-04-29, at 8:59 AM, Kornelijus Survila wrote:
> Snort (http://www.snort.org/) is also a nice IDS. They provide paid =
and free
> rules/signatures.
>=20
> -k
>=20
> On Fri, Apr 29, 2011 at 7:55 AM, Raymond Burkholder =
<ray@oneunified.net>wrote:
>=20
>>>> Can anyone suggest any open source DPI (deep packet inspection)
>>> projects?
>>>=20
>>>=20
>>> I'll recommend Bro-IDS (http://www.bro-ids.org/) as it's what I =
spend my
>>> days working on. It's essentially a programming language for long =
term
>>> network traffic monitoring which is focused on doing deep decoding =
of
>>> application layer protocols. (and it's BSD licensed!)
>>>=20
>>=20
>> http://l7-filter.sourceforge.net/ might be another candidate.
>>=20
>>=20
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>=20
>>=20
>>=20
