View Full Version : IDS/IPS inside a browser...

2007-03-11, 15:18

- http://isc.sans.org/diary.html?storyid=2403
Last Updated: 2007-03-11 02:28:28 UTC ~ "Although it's labeled as an alpha release -and therefore should really be handled with care- the idea behind Firekeeper* makes it worth mentioning now.
We all love snort: it's basically free, pretty good -if not the best- and has a huge community supporting it. Jan Wrobel took the power of snort and inserted it in a plug-in for Firefox. Resulting in an IDS/IPS inside a browser. Jan kept the ability to use Snort's rules and reused part of Snort's engine. As it is running inside the browser it even gains the ability to look inside the https traffic that's now not encrypted anymore. Add the ability to pull in the rules remotely and it looks like something we should be watching for the future.
Note that we didn't say to go ahead an install it company wide, it's an alpha release. Test it in a controlled environment and give Jan some feedback so it'll get even better."
* http://firekeeper.mozdev.org/


md usa spybot fan
2007-03-11, 15:41
I had to look up "Snort". So I thought I would share.

Snort - the de facto standard for intrusion detection-prevention

What is Snort?
SnortŪ is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.