HLBR stands for Hogwash Light BR. It is a Brazilian fork of Jason Larsen's Hogwash Intrusion Prevention System (IPS). Its main feature is that it can run directly over OSI model layer 2, which means it doesn't even require a TCP/IP stack, running as a bridge.
HLBR comes with a set of rules to detect known malicious network traffic, and you can define your own rules as well. Packet handling include options like dropping or diverting it to another machine (such as a honeypot). Since it works like a bridge and doesn't requires an IP address, it is invisible to intruders. HLBR is a firewall component and must be put before a Intrusion Detection System (IDS). The IDS (Snort or other) will show all suspect traffic doesn't blocked and it can be used to compose new rules to IPS.
HLBR rule definition language has support for regular expressions (Perl). All blocked traffic is dumped in log under tcpdump format.
|
|
|
| 硬件架构 | 版本 | 软件包大小 | 安装后大小 | 文件 |
|---|---|---|---|---|
| alpha | 1.7-1 | 101.1 kB | 432 kB | [文件列表] |
| amd64 | 1.7-1 | 89.7 kB | 384 kB | [文件列表] |
| armel | 1.7-1 | 80.7 kB | 364 kB | [文件列表] |
| avr32 (非官方移植版) | 1.7-1 | 81.6 kB | 348 kB | [文件列表] |
| hppa | 1.7-1 | 89.2 kB | 380 kB | [文件列表] |
| i386 | 1.7-1 | 79.5 kB | 360 kB | [文件列表] |
| ia64 | 1.7-1 | 119.9 kB | 540 kB | [文件列表] |
| m68k (非官方移植版) | 1.6-2 | 69.9 kB | 356 kB | [文件列表] |
| mips | 1.7-1 | 83.2 kB | 408 kB | [文件列表] |
| mipsel | 1.7-1 | 84.5 kB | 408 kB | [文件列表] |
| powerpc | 1.7-1 | 87.2 kB | 388 kB | [文件列表] |
| s390 | 1.7-1 | 88.4 kB | 380 kB | [文件列表] |
| sparc | 1.7-1 | 82.7 kB | 364 kB | [文件列表] |