HenWen is a network security package for Mac OS X that makes it easy to configure and run Snort, a free Network Intrusion Detection System (NIDS).

HenWen’s goal is to simplify setting up and maintaining software that will scan
network traffic for undesirable traffic a firewall may not block. Everything you need
to have is bundled in; there is no compiling or command line use necessary.
A NIDS has a number of practical uses on a network. For people that use Mac OS
X Server or otherwise provide network services with their Macs, a NIDS will
inform the administrator that someone from a specific place on the network is trying
to scan the server for possible vulnerabilities, or try to compromise security. A
NIDS can also scan the network for bad TCP or ICMP traffic, or traffic that
suggests someone on the network (or the local computer) is trying to do something
that the network administrator does not want them doing (ie. trading pirated
software, using iChat on company time, or using software they?re not supposed to
be using). While a NIDS is mainly used by network administrators, a NIDS is also a
useful thing for home users to have as well, especially for home users who are
always connected to the Internet and/or have a home network installed.
A NIDS is not really a replacement for a firewall. By default, Snort will only warn
about suspicious activity; it will not actually pull the plug. Snort?s rules can be
modified to disconnect suspicious activity, but this could interfere with normal
network traffic (especially in the case of a false alarm), and it could cause Snort to
go into an infinite loop.

by [url=http://dreamless.home.attbi.com/]Nick Zitzmann[/url]
download: [url=http://deepquest.code511.com/os_X_tools/HenWen2.0.dmg.sit]Local mirror[/url]

---

Filed under: OSX security tools - @ April 24, 2003 4:10 pm