You might want to look at snort for this. snort runs
very well on NT, thanks to Mike Davis.

However, what I don't see is why you would want packet
filtering. Why not simply disable whichever service
is listening on that ports you want to close? Or are
you looking for a method of auditing and logging?

I seem to remember (don't quote me, I'm not at my home
computer) that you can designate which interface snort
is supposed to bind to...which gives you your
multiple-NIC functionality.

--- John Girvin <john.girvinOSARIUS.COM> wrote:
> Hi,
>
> I'd like to add packet filters to my NT/2K server
> boxes as a second
> line of defence behind the main firewall.
>
> Some of the boxes have more than one NIC and I'd
> like/need to be able
> to configure different filter rules for each
> separately. Packet logging
> would be a bonus too.
>
> This needs to be done on a zero/tight budget so Ive
> been looking around
> the "personal firewall" class of product, but
> nothing Ive come across so
> far can do the multiple-NIC trick.
>
> So I'm looking for suggestions ... can anyone
> recommend a free/cheap
> packet filter that supports multiple NICs ?
>
> Thanks,
> /John

__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]