Re: Snort + (OpenBSD or Linux)
From: root (root@elxsi.de)Date: 07/31/01
- Previous message: Yoann Vandoorselaere: "Re: Snort + (OpenBSD or Linux)"
- In reply to: Yoann Vandoorselaere: "Re: Snort + (OpenBSD or Linux)"
- Next in thread: Jamie French: "Shadow IDS on basic kenel"
- Next in thread: Dragos Ruiu: "Re: Snort + (OpenBSD or Linux)"
- Reply: Jamie French: "Shadow IDS on basic kenel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 31 Jul 2001 04:19:29 +0200 (CEST) From: root <root@elxsi.de> To: <FOCUS-IDS@securityfocus.com> Subject: Re: Snort + (OpenBSD or Linux) Message-ID: <Pine.LNX.4.31.0107310414560.15391-100000@elxsi.elxsi.de>
Hi,
why not write an OS with the only purpose to run an IDS.
We could use the oskit libs (http://www.cs.utah.edu/projects/flux/oskit/)
to implement the basic os functions and port the libpcap to our new "os"
and write the code for the IDS.
After that we only have a running kernel and a few processes - could be
very performant I think.
Martin
- Previous message: Yoann Vandoorselaere: "Re: Snort + (OpenBSD or Linux)"
- In reply to: Yoann Vandoorselaere: "Re: Snort + (OpenBSD or Linux)"
- Next in thread: Jamie French: "Shadow IDS on basic kenel"
- Next in thread: Dragos Ruiu: "Re: Snort + (OpenBSD or Linux)"
- Reply: Jamie French: "Shadow IDS on basic kenel"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
