Messor Documentation

Doc_text




Messor concept

Messor is the scripts set, intended for monitoring and blocking various network attacks. It mainly differs from other ids / ips by its own network structure
Everyone, who installed messor-client, joins messor.network, which allows getting daily database updates
The database contains ip addresses list, recognized as dangerous by the network (which means they have over one attack in recently)
Besides the database contains a regular expression for detecting attacks while using useragent, get/post data. Besides it contains the honeypot list, intended to detect scans.
Each messor network member is obliged to distribute the current database to other network participants and send the collected attack data to the central network servers.
So, let's summarize messor concept
Messor is IDS/IPS + Honeypot and Hybryd P2P client/server