Projects / NetSQUID

NetSQUID

NetSQUID is a Perl script (daemon) that sits in between Snort and IPTables. It gathers alerts generated by Snort, then automatically creates an IPTables firewall entry to block the alerting host (such as those infected by viruses). Web traffic is redirected to a Web server that can alert the user to the infection. The host is automatically unblocked after a specified time. It can also send DHCP address requests, so rogue DHCP servers can be detected by Snort.

Tags
Licenses
Operating Systems

Recent releases

  •  09 Aug 2004 20:23

    Release Notes: Some code cleanup, and minor bugfixes. Adding of previously blocked IPs was fixed. The way HTTP traffic is allowed to specific hosts (NAT rules) has been fixed, which also means you cannot redirect to more than one host now.

    •  03 Aug 2004 17:45

      Release Notes: The ability to allow for a 'pass through' HTTP server was added, so that all port 80 traffic will be redirected except to a specified server (perhaps a patch server or similar). Also, any IPs specified in either the DNS section or the HTTP section of the config file are automatically added to the exclude list, so they will not be blocked for any alert generated by them.

      •  14 Jul 2004 23:49

        Release Notes: There are a few minor changes and some code cleanup. DNS rules to also allow TCP for things like zone transfers and hosts with large DNS records have been added.

        •  30 Jun 2004 20:49

          Release Notes: The ability to keep state on a restart has been added, so currently blocked hosts will get re-blocked after the daemon is restarted. There is some more code cleanup and an updated documentation/install script, and a startup script has been added.

          •  11 Jun 2004 06:06

            Release Notes: This version added blocks for a specific classification type and network (CIDR) support to the exclude file. A config file option for specifying the location of sendmail was added along with code cleanups, bugfixes, more documentation, and fixes for the install script.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.