Developing IDS

From: Peteris Krumins (
Date: 04/10/03

    Date: Thu, 10 Apr 2003 22:04:29 +0300
    From: Peteris Krumins <>

    Hello people,

     I am developing an IDS system and I'd like to hear your opinions on what
     is a _must_ for an IDS system and what are great features to add?

     I am joining a fw and an IDS system together. Currently the system is
     able to detect any bad (invalid packets, reserved IPs etc. - dropped
     immediately) and suspicious (for example, late night logins, multiple
     tries to log in etc. - logged to database and, if the user has chosen, sends SMS
     or email) traffic.
     Currently the system is being developed so that anything bad is
     logged to a database. Later anyone using my IDS can see very detailed

    Best regards,
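
The bad/suspicious split described in the message above, sketched as an added example (not part of the original post and not the poster's code). The event fields, the 00:00-04:59 "late night" range, the three-failures-in-five-minutes threshold and the reading of "reserved" as what Python's `ipaddress` flags are all assumptions.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds; the message gives no numbers.
NIGHT_HOURS = range(0, 5)                      # "late night" = 00:00-04:59
MAX_FAILURES, WINDOW = 3, timedelta(minutes=5)

def is_bad_source(addr):
    """Bad traffic: unparsable, reserved, loopback, multicast or unspecified source."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return True
    return ip.is_reserved or ip.is_loopback or ip.is_multicast or ip.is_unspecified

def classify(events):
    """Map time-ordered login events to (verdict, reason); verdict is drop, log or pass."""
    failures = defaultdict(deque)   # (src, user) -> timestamps of recent failed logins
    verdicts = []
    for ev in events:
        if is_bad_source(ev["src"]):
            verdicts.append(("drop", "reserved or invalid source"))
            continue
        ts = datetime.fromisoformat(ev["ts"])
        reasons = []
        if ts.hour in NIGHT_HOURS:
            reasons.append("late night login")
        if not ev["ok"]:
            recent = failures[(ev["src"], ev["user"])]
            recent.append(ts)
            while ts - recent[0] > WINDOW:     # expire failures outside the window
                recent.popleft()
            if len(recent) >= MAX_FAILURES:
                reasons.append("multiple failed logins")
        verdicts.append(("log", ", ".join(reasons)) if reasons else ("pass", ""))
    return verdicts

# Constructed sample events (not real traffic); sources are documentation ranges.
SAMPLE = [
    {"ts": "2003-04-10T13:59:00", "src": "240.0.0.1", "user": "bob", "ok": True},
    {"ts": "2003-04-10T14:00:00", "src": "192.0.2.10", "user": "alice", "ok": True},
    {"ts": "2003-04-11T02:30:00", "src": "198.51.100.7", "user": "carol", "ok": True},
    {"ts": "2003-04-11T15:00:00", "src": "192.0.2.10", "user": "root", "ok": False},
    {"ts": "2003-04-11T15:00:20", "src": "192.0.2.10", "user": "root", "ok": False},
    {"ts": "2003-04-11T15:00:40", "src": "192.0.2.10", "user": "root", "ok": False},
]
if __name__ == "__main__":
    print(*classify(SAMPLE), sep="\n")
```

Only the "log" verdicts would go to the database and on to SMS or email notification; "drop" happens before any login logic runs, matching the order in the message.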
