RE: Evaluation for IDS

From: Henry Sieff (hsieff@orthodon.com)
Date: 09/28/01 

Message-ID: <4D5D8A4276CCD411BEB400A0C9E105C402D18E@chaka.orthodon.com>
From: Henry Sieff <hsieff@orthodon.com>
To: "'jfontelera@SOLANOCOUNTY.COM'" <jfontelera@SOLANOCOUNTY.COM>, focus-ids@securityfocus.com
Subject: RE: Evaluation for IDS
Date: Fri, 28 Sep 2001 16:40:46 -0500

the man page: http://netgroup-serv.polito.it/windump/docs/manual.htm

Is that what you were looking for?

> -----Original Message-----
> From: jfontelera@SOLANOCOUNTY.COM
[mailto:jfontelera@SOLANOCOUNTY.COM]
> Sent: Friday, September 28, 2001 4:20 PM
> To: focus-ids@securityfocus.com
> Subject: RE: Evaluation for IDS
>
>
>
> Is there a good site that discusses writing filters for
> TCPDump or Windump.
>
> Thanks.
>

Relevant Pages

  • RE: Evaluation for IDS
    ... Subject: Evaluation for IDS ... The tcpdump files that shmoo has from the DefCon CTF networks ... offer a whole bunch of nasty traffic that you can use with ...
    (Focus-IDS)
  • Re: newbie quetsions
    ... >whether an IDS can take the load of millions of packets at once. ... Evaluation of IPS products raises a great challenge for the evaluator. ...
    (Focus-IDS)
  • RE: Evaluation for IDS
    ... Subject: Evaluation for IDS ... Is there a good site that discusses writing filters for TCPDump or Windump. ...
    (Focus-IDS)
  • RE: Evaluation for IDS
    ... Subject: Evaluation for IDS ... > Is there a good site that discusses writing filters for TCPDump or ... > Windump. ... look at the tcpdump manpage (the openbsd one has ...
    (Focus-IDS)
  • Re: Evaluation for IDS
    ... Subject: Evaluation for IDS ... Generally you can refer to Commom Criteria project, ... > I need help about testing methodology for IDS, ...
    (Focus-IDS)