Spoink is an output plugin for snort that works by blocking access to attackers using OpenBSD's pf API. Spoink uses a pf table and a blocking rule to stop "attackers" from accessing your system. To protect from false negatives you must have a whitelist full of IP addresses. It only blocks attacks defined in snort rules.
|Operating Systems||POSIX BSD OpenBSD|
No changes have been submitted for this release.