Re: need your help,thanks

From: Konrad Rieck (rieck_at_first.fhg.de)
Date: 08/31/04

  • Next message: Stefan Keller: "Re: session logging IDS"
    To: Focus IDS <focus-ids@securityfocus.com>
    Date: Tue, 31 Aug 2004 10:15:42 +0200
    
    
    

    On Sun, 2004-08-29 at 18:57, Jose Maria Lopez wrote:
    > Snort used to have a patch that was an anormality detector that could
    > learn from the "normal" traffic in your site and make alerts when
    > "strange" traffic was detected, but I think it didn't work very well
    > because it seems that they have quitted the development.

    The patch is called SPADE/SPICE and was written by SiliconDefense,
    http://tinyurl.com/5nwy7. It's outdated nowadays.

    Regards,
    Konrad

    -- 
    Konrad Rieck <rieck@first.fhg.de>, Fraunhofer FIRST, http://first.fhg.de
    PGP Key Fingerprint = 7D55 5896 834A A1C8 303C  8BC5 4C53 3611 C1FA 82F2
    
    



  • Next message: Stefan Keller: "Re: session logging IDS"