Re: Papers on Intrusion Analysis and Response
From: DAVID MARKLE (davidmarkle_at_comcast.net)
Date: 06/23/03
Date: Mon, 23 Jun 2003 13:42:07 -0400
To: Eric Hines <eric.hines@appliedwatch.com>
Eric,
Gary Golomb (Enterasys) put a nice paper out on the demystification of
IDS a few months ago. It had a real nice example of stepping through
an attack. Below is the link.
https://dragon.enterasys.com/wp/ID_Methodologies_Demystified.pdf
http://www.enterasys.com/products/ids/whitepapers/
----- Original Message -----
From: Eric Hines <eric.hines@appliedwatch.com>
Date: Monday, June 23, 2003 12:22 pm
Subject: Papers on Intrusion Analysis and Response
> Has anyone on this list come across any process descriptions or
> whitepapers on Event Analysis, intrusion analysis, etc? A paper that
> details steps and/or methodologies in the analysis of events generated
> by Intrusion Detection Systems?
>
> Thanks!
>
> Eric Hines
> CEO, Chairman
> Applied Watch Technologies, Inc.
> http://www.appliedwatch.com
>
> ===============================================
>
> Eric Hines
> CEO, Chairman
> Applied Watch Technologies, Inc.
> eric.hines@appliedwatch.com
> -----------------------------------------------
> Corporate Headquarters
> 1650 Carlemont Dr.
> Suite D
> Crystal Lake, IL. 60014
> -----------------------------------------------
> Direct Toll Free: (877) 262-7593 (x327)
> Fax: (815) 425-2173
> -----------------------------------------------
> Main Switchboard: (877) 262-7593 (9am-5pm CST)
> Commercial Sales: (877) 262-7593 (opt1)
> Government Sales: (877) 262-7593 (opt2)
> -----------------------------------------------
> "Welcome to a new breed of Snort IDS Managers"
> ===============================================
-------------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists. See for yourself what the buzz is about!
Early-bird registration ends July 3. This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------