Recomended Anomaly Detection Software

From: Lee (linuxtwidler_at_gmail.com)
Date: 01/19/05

Next message: Alexandre Soares: "Agregation Traffic Model"

Previous message: THolman_at_toplayer.com: "RE: IDS: Snort detecting distributed syn floods"
Next in thread: Drew Simonis: "Re: Recomended Anomaly Detection Software"
Maybe reply: Drew Simonis: "Re: Recomended Anomaly Detection Software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 19 Jan 2005 15:47:50 -0600 (CST)
To: focus-ids@securityfocus.com

Greetings,

I would like to know if there is someone that would recommend a piece of
software that does a good job at anomaly detection?

In particular, I have a tcpdump file of SMTP traffic, which I would like
to pass analyse.

Any thoughts?

Thanks
Lee

-- 
Lee
linuxtwidler@gmail.com
--------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------

Next message: Alexandre Soares: "Agregation Traffic Model"

Previous message: THolman_at_toplayer.com: "RE: IDS: Snort detecting distributed syn floods"
Next in thread: Drew Simonis: "Re: Recomended Anomaly Detection Software"
Maybe reply: Drew Simonis: "Re: Recomended Anomaly Detection Software"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: PC Application Software Inspector
... I recommend 2 tools which are very good and easy to deploy: ... OpenAudit (It is very easy to deploy, even you don't need install any ... with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
Re: IPS comparison
... I just got done testing a number of IPS devices using simple publicly ... anomaly detection is so rare that it's almost unexistant in the ... > with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
Re: IDS testing tools
... Do you guys have any good sites that work properly for download? ... Do you recommend other good tools for testing? ... Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. ...
(Focus-IDS)
Re: IDS evaluations procedures
... talking about network anomaly detection? ... What kind of anomaly detection are you trying to test? ... > Find out quickly and easily by testing it with real-world attacks from ... > CORE IMPACT. ...
(Focus-IDS)
Re: Wishlist for IPS Products
... > recall a discussion on the primary features that an IPS should have ... > - Anomaly detection ... Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. ...
(Focus-IDS)