I read security researchers use a black box to rewind attacks.
What would it take to build an Open Source version? A network sniffer with alerts.
I guess you would have to retain packets as well for 'rewind'?
Some sort of transparent bridge behind the firewall?
Is this just security researchers with honeypots or does industry use them as well?
What kind of programs would you use for a homebrew version? Tools like Tripwire?