Developing IDS
From: Peteris Krumins (newsgroups@lf.lv)
Date: 04/10/03
- Previous message: Bill Boyle: "RE: False Positives with IntruVert"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 10 Apr 2003 22:04:29 +0300 From: Peteris Krumins <newsgroups@lf.lv> To: focus-ids@securityfocus.com
Hello people,
I am developing an ids system and i'd like to hear you opinions what
is a _must_ for an ids system and what are great features to add?
I am joining a fw and an IDS system together. Currently the system is
able to detect any bad (invalid packets, reserved ips etc. - dropped
immediately) and suspicious (for example, late night logins, multiple
tries to login etc. - logged to database and if user has chosen, sends sms
or email) traffic.
Currently the system is being developed so that anything bad is
logged to a database. Later anyone using my IDS can see very detalized
statistics.
Best regards,
P.Krumins
-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71
- Previous message: Bill Boyle: "RE: False Positives with IntruVert"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
