Spoink 1.0 review

Download
by rbytes.net on

Spoink is an output-plugin for snort that works by blocking access to attackers using OpenBSD's pf api. All you need is an OpenBSD

License: BSD License
File size: 0K
Developer: Antonio Benojar
0 stars award from rbytes.net

Spoink is an output-plugin for snort that works by blocking access to attackers using OpenBSD's pf api.

All you need is an OpenBSD machine (or pf compatible), and snort (last version works well).

Spoink uses a pf table and a blocking rule to stop "attackers" accessing our system. To protect from false negatives you must have a whitelist full of ips you want save (see section 2).

Spoink program only blocks attacks defined in snort rules so think for a minute what rules you want to use first.

Spoink 1.0 keywords