[Full-Disclosure] IDS Signatures
From: preeth k (k_preeth_at_rediffmail.com)
Date: 02/22/05
- Previous message: Feher Tamas: "[Full-Disclosure] Re: this is fun"
- Next in thread: Micheal Espinola Jr: "RE: [Full-Disclosure] IDS Signatures"
- Reply: Micheal Espinola Jr: "RE: [Full-Disclosure] IDS Signatures"
- Maybe reply: Michael Scheidell: "RE: [Full-Disclosure] IDS Signatures"
- Reply: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] IDS Signatures"
Date: 22 Feb 2005 09:36:21 -0000
To: full-disclosure@lists.netsys.com
Hi,
I am designing a Network Intrusion Detection System in Linux. I want to create a database of intrusion signatures using a MySQL database. Can anyone please give an idea about which fields I have to include, how to store packet payload, which pattern matching algorithm to use, etc.? (Will the Boyer-Moore algorithm be appropriate for pattern matching in an IDS?)
Regards,
Preeth.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html