Hogwash is an inline packet scrubber that leverages Snort's detection engine to prevent harmful packets from reaching their target.
Upon sharing Scrub with other admins who were encountering similar issues, the creator began receiving patches and noticed that a rules language would be essential. Over the weekend, the creator wrote an original Cheap and Dirty detection engine, which would later be replaced by Snort when the creator landed an internship at the Idaho National Environmental and Engineering Labs (INEEL) in the summer of 1999. The simple layout of Snort appealed to the creator, who welded it into Scrub, thus creating SnortScrub.
After leaving the INEEL to work for a startup, the creator considered commercializing SnortScrub. However, the marketing department was not fond of the name SnortScrub, which prompted the creator to rename it to Hogwash as additional features were added such as the stackless control channel.
Unfortunately, Hogwash began to fragment as people required customized functionality, resulting in dozens of incompatible versions being maintained independently. The development of the public version eventually came to a halt, and as new features were added, Snort's engine began to display its limitations. Thus, the team behind Hogwash decided to resurrect the original Cheap and Dirty engine and implement a Snort compatibility layer.
Today, Hogwash is a powerful inline packet scrubber that can handle heavyweight packet scrubbing with ease. The newly named H2 engine is expected to be available in its final release within the next few months. Depending on a user's specific needs, Hogwash is an excellent choice for preventing malicious packets from reaching their intended destination.
Version 0.5: N/A