NetSQUID
Current Version: 1.4.2 - Released 8.10.2004







Added CGI scripts (basic for now) available in the CVS tree (written for thttpd).
C Port
CVS Tree (C and Perl)
Mailing List: Netsquid-News@listserv.tamu.edu
F.A.Q.
Freshmeat.net Project
Rule File
The Rules are now part of the Bleeding Snort project.

Thanks to all of you who came out to listen to us speak at ResNet 2004.

We now have a mailing list and a C port underway.

This project is a way to dynamically block hosts that are infected with some kind of virus or are in violation of a policy (scanning/hacking/etc...).  However that's not where it stops.  It can not only detect and quarantine infected hosts, it can also notify the infected host/user that they are in violation of something.  It's basically a simple/easy way to take a great IDS (Intrusion Detection System) like Snort and transform it into an IPS (Intrusion Prevention System).
The main goals were:
  1. Low administration
  2. Easy to deploy
  3. Effective
  4. Usable in a wide variety of environments
  5. Low cost
History
This project was originally started in Sept of 2003 to combat the massive outbreak of Nachi/Welchia etc... that plagued campus.  The original version was a shell script that ran on an OpenBSD box and used pf.  It has since been moved to a daemon written in Perl running on Linux using IPTables.  It's under current development, adding features fixing bugs etc.  There is more information available in the News section.

This project is released under the following license

netsquid@net.tamu.edu
Last Update: 10/21/2004
Updated: NetSQUID
NetSQUID