Quarantining a System using Freeradius
Michael Schwartzkopff
misch at multinet.de
Tue Nov 28 13:26:40 CET 2006
Am Dienstag, 28. November 2006 13:11 schrieb Michael Messner:
> Dev Anand schrieb:
> > Hi All ,
> >
> > Is it possible to quarantine a system by placing it in different vlan
> > by OpenRadius ?
> >
> > If so can somebody guide me on the steps that can be tried .
> >
> > The situation is like this :
> > System already having an IP address , but found to be infected with a
> > virus-worm.
> > So it needs to be quarantined automatically .
Perhaps better to use a IDS / IPS reconfiguring the switch automatically it
malware is detected.
snort (GPL) could do this with scripting, Sourcefire (commercial) has buildin
support for this.
--
Dr. Michael Schwartzkopff
MultiNET Services GmbH
Bretonischer Ring 7
85630 Grasbrunn
Tel: (+49 89) 456 911 - 0
Fax: (+49 89) 456 911 - 21
mob: (+49 174) 343 28 75
PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B
Skype: misch42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061128/2b5006a9/attachment.pgp>
More information about the Freeradius-Users
mailing list