diff options
author | David E. O'Brien <obrien@FreeBSD.org> | 2000-02-14 02:59:36 +0000 |
---|---|---|
committer | David E. O'Brien <obrien@FreeBSD.org> | 2000-02-14 02:59:36 +0000 |
commit | 8b129ae9038edb7056d88465602ddcf485b931ac (patch) | |
tree | 830115ab8d02de9f3efb50895939ff3507d1a20b /security/rid/pkg-descr | |
parent | 9b4d19e8d06c146c898d61376ffe2891417d3613 (diff) | |
download | ports-8b129ae9038edb7056d88465602ddcf485b931ac.tar.gz ports-8b129ae9038edb7056d88465602ddcf485b931ac.zip |
Notes
Diffstat (limited to 'security/rid/pkg-descr')
-rw-r--r-- | security/rid/pkg-descr | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/security/rid/pkg-descr b/security/rid/pkg-descr new file mode 100644 index 000000000000..7621341b0587 --- /dev/null +++ b/security/rid/pkg-descr @@ -0,0 +1,12 @@ +RID - Remote Intrusion Detection +-------------------------------- +RID is a configurable tool which uses intrusion fingerprints to track down +compromised hosts. RID can remotely detect Stacheldraht, TFN, Trinoo and TFN2k +if the attacker did not change the default ports. + +After a compromise, this information can often be turned into a "fingerprint" +of the intrusion. RID is designed to be capable of accurately specifying this +"fingerprint" with little knowledge of network programming. + +RID is based off an extension of ngrep (network grep). It is different because +it extends ngrep into a probing tool. |