Spoink is an output-plugin for snort that
blocking access to attackers using
OpenBSD's pf api.
All you need is an OpenBSD machine (or pf
and snort (last version works
Spoink uses a pf table and a blocking rule to stop
"attackers" accessing our system. To protect from
false negatives you must have a whitelist full of
ips you want save (see section 2).
It only blocks attacks defined in snort rules
think for a minute what rules you want to use
Setting snort with spoink
contact at zz |dot| stalker |at| gmail |dot| com
public key id: 0x1E0D5A2A