Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 13:21:38 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1842002051&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fsniffers%2Fsnort%2Fnetsquid.tar.gz%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1842002051.1338211298.1338211298.1338211298.1%3B%2B__utmz%3D32867617.1338211298.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/33792/netsquid.tar.gz http://packetstormsecurity.org/files/33792/netsquid.tar.gz http://packetstormsecurity.org/files/33792/netsquid.tar.gz.html Wed, 14 Jul 2004 16:17:00 GMT NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.