Hosting Provided By

Re: Building a Basic IDS.

From: Neil Daswani <daswani(at)cs.stanford.edu>
Date: Thu Jun 05 2003 - 17:54:14 EDT

('binary' encoding is not supported, stored as-is)
In-Reply-To: <1054729803.1224.25.camel@tumbak>

If you are interested in building a basic IDS, you may want to check out Vern Paxson's paper on Bro:

http://citeseer.nj.nec.com/313480.html
(Click on the PS or PDF links to download the paper.)

The paper discusses some of the fundamental issues and trade-offs in building a network-based intrusion detection system.

Sincerely,

Neil Daswani
http://www.learnsecurity.com/introccs/

>Received: (qmail 16756 invoked from network); 4 Jun 2003 18:40:20 -0000
>Received: from outgoing2.securityfocus.com (205.206.231.26)
[205.206.231.19])
> by outgoing2.securityfocus.com (Postfix) with QMQP
> id 7A08F8F28C; Wed, 4 Jun 2003 12:46:50 -0600 (MDT)
>Mailing-List: contact focus-ids-help@securityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <focus-ids.list-id.securityfocus.com>
>List-Post: <mailto:focus-ids@securityfocus.com>
>List-Help: <mailto:focus-ids-help@securityfocus.com>
>List-Unsubscribe: <mailto:focus-ids-unsubscribe@securityfocus.com>
>List-Subscribe: <mailto:focus-ids-subscribe@securityfocus.com>
>Delivered-To: mailing list focus-ids@securityfocus.com
>Delivered-To: moderator for focus-ids@securityfocus.com
>Received: (qmail 25485 invoked from network); 4 Jun 2003 11:58:00 -0000
>Subject: Building a Basic IDS.
>From: Zaid Amireh <tumbak@inbox.lv>
>To: focus-ids@securityfocus.com
>Content-Type: text/plain
>Content-Transfer-Encoding: 7bit
>X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10)
>Date: 04 Jun 2003 15:30:01 +0300

>INTRUSION PREVENTION: READY FOR PRIME TIME?
>
>IntruShield now offers unprecedented Intrusion IntelligenceTM
capabilities
>- including intrusion identification, relevancy, direction, impact and
analysis
>- enabling a path to prevention.
>
>Download the latest white paper "Intrusion Prevention: Myths, Challenges,
and Requirements" at:
>http://www.securityfocus.com/IntruVert-focus-ids2
>--------------------------------------------------------------------------

>
>

INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTM capabilities - including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention.

Download the latest white paper "Intrusion Prevention: Myths, Challenges, and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids2

Received on Thu Jun 5 19:49:02 2003

This message: [ Message body ]
Next message: Ueli Kistler: "Re: IDS CENTER QUESTION"
Previous message: Brian Laing: "RE: Help in evaluating Inline IDS/IPS solution"
In reply to Zaid Amireh: "Building a Basic IDS."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:13 EDT

Do you need help?