03-03-2008
Detecting signatures of various application layer protocols is usually the domain of applications built on low level packet inspection facilities like libpcap: IDS, etc..
There are plenty of IDS with open codebases and modular frameworks. You could check out sourceforge and take a look under security.
10 More Discussions You Might Find Interesting
1. Programming
I don't know if this is the correct forum to post this but hopefully someone can atleast point me in the right direction if they can't help me.
I am trying to install the Net::Pcap module for perl from Tim Potter version .04. I have installed gcc 2.95.3 on my Solaris 8 box. I am sure it's just... (6 Replies)
Discussion started by: TioTony
6 Replies
2. Programming
I cant use pcap.h include file. How can I do so? :confused: (8 Replies)
Discussion started by: Pervez Sajjad
8 Replies
3. Programming
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
4. Shell Programming and Scripting
Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know?
Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies
5. UNIX for Dummies Questions & Answers
Hi,
I am new at UNIX and programing in general and only have a basic knowledge of C++. I am helping out with some research at a college and was given the task to sort through captured packets via IP addresses. I was wondering if anyone could help me with writing a code which filters through pcap... (1 Reply)
Discussion started by: hershey101
1 Replies
6. Programming
Hi,
I am new at UNIX and programing in general and only have a basic knowledge of C++. I am helping out with some research at a college and was given the task to sort through captured packets via IP addresses. I was wondering if anyone could help me with writing a code which filters through pcap... (4 Replies)
Discussion started by: hershey101
4 Replies
7. Programming
Hi,
i am using a linux CentOS machine. I have 2 real network interfaces
eth0, eth1 and 2 virtual interfaces tap0 and tap1. I am using PCAP library to capture
the packets on theses interfaces. If i specify the interface as "any",
i cannot find a way to know from which interface the packet... (1 Reply)
Discussion started by: rahulnitk2004
1 Replies
8. Shell Programming and Scripting
Hi,
I have a standard pcap file created using tcpdump. The file looks like
06:49:36.487629 IP 202.1.175.252 > 71.126.222.64: ICMP echo request, id 52765, seq 1280, length 40
06:49:36.489552 IP 192.120.148.227 > 71.126.222.64: ICMP echo request, id 512, seq 1280, length 40
06:49:36.491812 IP... (8 Replies)
Discussion started by: sajal.bhatia
8 Replies
9. Programming
Dear All,
Which is better to use ? Ascii or Pcap tracing ? Or are they complementary ? (1 Reply)
Discussion started by: knowledgeSeeker
1 Replies
10. Programming
Hi I have a program that captures packets with the libpcap library by calling the pcap-functions, e.g. pcap_next(...).
I would like to use PF_RING for the program and therefore I would have to adjust the calling functions to
pfring_open(...)
pfring_recv(...)
I'm pretty knew in network... (0 Replies)
Discussion started by: Freaky123
0 Replies
LEARN ABOUT SUSE
ocf_heartbeat_ids
OCF_HEARTBEAT_IDS(7) OCF resource agents OCF_HEARTBEAT_IDS(7)
NAME
ocf_heartbeat_ids - Manages an Informix Dynamic Server (IDS) instance
SYNOPSIS
ids [start | stop | status | monitor | validate-all | meta-data | methods | usage]
DESCRIPTION
OCF resource agent to manage an IBM Informix Dynamic Server (IDS) instance as an High-Availability resource.
SUPPORTED PARAMETERS
informixdir
The value the environment variable INFORMIXDIR has after a typical installation of IDS. Or in other words: the path (without trailing
'/') where IDS was installed to. If this parameter is unspecified the script will try to get the value from the shell environment.
(optional, string, no default)
informixserver
The value the environment variable INFORMIXSERVER has after a typical installation of IDS. Or in other words: the name of the IDS
server instance to manage. If this parameter is unspecified the script will try to get the value from the shell environment. (optional,
string, no default)
onconfig
The value the environment variable ONCONFIG has after a typical installation of IDS. Or in other words: the name of the configuration
file for the IDS instance specified in INFORMIXSERVER. The specified configuration file will be searched at '/etc/'. If this parameter
is unspecified the script will try to get the value from the shell environment. (optional, string, no default)
dbname
This parameter defines which database to use in order to monitor the IDS instance. If this parameter is unspecified the script will use
the 'sysmaster' database as a default. (optional, string, default sysmaster)
sqltestquery
SQL test query to run on the database specified by the parameter 'dbname' in order to monitor the IDS instance and determine if it's
functional or not. If this parameter is unspecified the script will use 'SELECT COUNT(*) FROM systables;' as a default. (optional,
string, default SELECT COUNT(*) FROM systables;)
SUPPORTED ACTIONS
This resource agent supports the following actions (operations):
start
Starts the resource. Suggested minimum timeout: 120.
stop
Stops the resource. Suggested minimum timeout: 120.
status
Performs a status check. Suggested minimum timeout: 60.
monitor
Performs a detailed status check. Suggested minimum timeout: 30. Suggested interval: 10.
validate-all
Performs a validation of the resource configuration. Suggested minimum timeout: 5.
meta-data
Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5.
methods
Suggested minimum timeout: 5.
usage
Suggested minimum timeout: 5.
EXAMPLE
The following is an example configuration for a ids resource using the crm(8) shell:
primitive example_ids ocf:heartbeat:ids
op monitor depth="0" timeout="30" interval="10"
SEE ALSO
http://www.linux-ha.org/wiki/ids_(resource_agent)
AUTHOR
Linux-HA contributors (see the resource agent source for information about individual authors)
resource-agents 1.0.3 07/05/2010 OCF_HEARTBEAT_IDS(7)