Re: need your help,thanks
From: Konrad Rieck (rieck_at_first.fhg.de)
Date: 08/31/04
- Previous message: David W. Goodrum: "Re: session logging IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Focus IDS <focus-ids@securityfocus.com> Date: Tue, 31 Aug 2004 10:15:42 +0200
On Sun, 2004-08-29 at 18:57, Jose Maria Lopez wrote:
> Snort used to have a patch that was an anormality detector that could
> learn from the "normal" traffic in your site and make alerts when
> "strange" traffic was detected, but I think it didn't work very well
> because it seems that they have quitted the development.
The patch is called SPADE/SPICE and was written by SiliconDefense,
http://tinyurl.com/5nwy7. It's outdated nowadays.
Regards,
Konrad
-- Konrad Rieck <rieck@first.fhg.de>, Fraunhofer FIRST, http://first.fhg.de PGP Key Fingerprint = 7D55 5896 834A A1C8 303C 8BC5 4C53 3611 C1FA 82F2
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: David W. Goodrum: "Re: session logging IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
- [UNIX] Snort Core Dump Vulnerability
... It is possible to cause <http://www.snort.org/> Snort, ... Snort version
1.8 and prior (without the patch) ... The information in this bulletin is provided
"AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever
including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam) - Smoothwall Firewall SNORT buffer overflow
... is using a vulnerable version of snort. ... A patch has been released for the
stable GPL 1.0 version: ... no patch has been released for the beta version GPL
2.0 Mallard. ... Snort vulnerability reference: ... (Bugtraq)
