The Poor Man's (or Woman's) Intrusion Detection System
- TODO
- ====
-
- - trafficctl: wild-card whitelisting. Either just remember "accepts" or use the "*" notation.
- - trafficctl: "whole domain" should only change those entries in the group being reported. What about "*".
- - should probably convert to use static-linked MySQL client. C++DB has trouble with longterm connections.
- - trafficctl: comment field?
-
- BUGS
- ====
-
- - The wild card blocks don't seem to be automatically moving DNS
- entries into the block list.
-
-
-
- IDEAS
- =====
-
- - what about drilling down on domains: domain.tld, then expand up
- levels if there are more than a couple of entries.
-
- - Some way to browse by workstation traffic
-
- - See hosts that accessed a domain in the lists.
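Review bot: the BUGS entry among the removed lines ("The wild card blocks don't seem to be automatically moving DNS entries into the block list") records a case where wildcard blocking may not take effect, and nothing visible here shows it was fixed or moved elsewhere. If it is still open, keep that item or carry it into an issue before dropping the list, together with the TODO note that C++DB has trouble with long-term connections, since both affect whether the block list and its database backend can be relied on.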