HLBR stands for Hogwash Light BR. It is a Brazilian fork of Jason Larsen's Hogwash Intrusion Prevention System (IPS). Its main feature is that it can run directly over OSI model layer 2, which means it doesn't even require a TCP/IP stack, running as a bridge.
HLBR comes with a set of rules to detect known malicious network traffic, and you can define your own rules as well. Packet handling include options like dropping or diverting it to another machine (such as a honeypot). Since it works like a bridge and doesn't requires an IP address, it is invisible to intruders. HLBR is a firewall component and must be put before a Intrusion Detection System (IDS). The IDS (Snort or other) will show all suspect traffic doesn't blocked and it can be used to compose new rules to IPS.
HLBR rule definition language has support for regular expressions (Perl). All blocked traffic is dumped in log under tcpdump format.
|
|
|
| アーキテクチャ | バージョン | パッケージサイズ | インストールサイズ | ファイル |
|---|---|---|---|---|
| alpha | 1.7-1 | 101.1 kB | 432 kB | [ファイル一覧] |
| amd64 | 1.7-1 | 89.7 kB | 384 kB | [ファイル一覧] |
| armel | 1.7-1 | 80.7 kB | 364 kB | [ファイル一覧] |
| avr32 (非公式の移植版) | 1.7-1 | 81.6 kB | 348 kB | [ファイル一覧] |
| hppa | 1.7-1 | 89.2 kB | 380 kB | [ファイル一覧] |
| i386 | 1.7-1 | 79.5 kB | 360 kB | [ファイル一覧] |
| ia64 | 1.7-1 | 119.9 kB | 540 kB | [ファイル一覧] |
| m68k (非公式の移植版) | 1.6-2 | 69.9 kB | 356 kB | [ファイル一覧] |
| mips | 1.7-1 | 83.2 kB | 408 kB | [ファイル一覧] |
| mipsel | 1.7-1 | 84.5 kB | 408 kB | [ファイル一覧] |
| powerpc | 1.7-1 | 87.2 kB | 388 kB | [ファイル一覧] |
| s390 | 1.7-1 | 88.4 kB | 380 kB | [ファイル一覧] |
| sparc | 1.7-1 | 82.7 kB | 364 kB | [ファイル一覧] |