Index of /ports_security/sancp
Name Last modified Size
![[DIR]](/icons/back.gif)
Parent Directory -
![[ ]](/icons/unknown.gif)
Makefile 28-May-2011 14:11 1.0K
distinfo 28-May-2011 14:11 143
![[DIR]](/icons/folder.gif)
files/ 28-May-2011 14:11 -
![[TXT]](/icons/text.gif)
pkg-deinstall 28-May-2011 14:11 196
pkg-descr 03-Oct-2007 18:17 736
pkg-install 28-May-2011 14:11 124
pkg-plist 03-Oct-2007 18:17 155
Sancp is a network security tool designed to collect
statistical information regarding network traffic, as
well as, collect the traffic itself in pcap format, all
for the purpose of: auditing, historical analysis, and
network activity discovery. Rules can be used to distinguish
normal from abnormal traffic and support tagging connections
with: rule id, node id, and status id. From an intrusion
detection standpoint, every connection is an event that must
be validated through some means. Sancp uses rules to identify,
record, and tag traffic of interest. 'Tagging' a connection
is a new feature since v1.4.0 Connections ('stats') can be
loaded into a database for further analysis.
WWW: http://www.metre.net/sancp.html