Perl prototype: v0.30
- pcaplib support added; daemon no longer requires firewall log file
2004-Nov-14 18:59 | ...more
new Net::Pcap support added to sniff packets directly ...more
Doesn’t monitoring a log file use unreasonably large amount of system resources? What about systems that receive many concurrent connections?
Port Knocking was initially envisioned to use the firewall log file because the information in the file is easy to extract using basic command line tools like tail and grep. For a robust implementation designed for a high-traffic server, the port knocking daemon should be integrated into the firewall software so that it can function internal to the firewall, without having to look at the log file.
last updated 2004-Feb-07 11:45