Firewall Wizards mailing list archives
Re: Recording slow scans
From: Adam Shostack <adam () homeport org>
Date: Wed, 14 Oct 1998 10:27:39 -0400
There's Bro and Shadow for Network sniffer misuse and anomoly detection (depending on how you program them.) Theres AAFID, which now has network agents. (COAST's distributed agent based system). There's tripwire and l5 for host change detection. Theres swatch for log monitoring. Theres a lot of open source stuff. I think the problem is more a lack of basic thinking on the lines of 'The Design of an Internet Firewall' that helps clarify people's thoughts on what to build; people are still designing cool new stuff, and some of them are selling it, others are giving it away. Adam On Wed, Oct 14, 1998 at 02:55:04AM +0000, Crispin Cowan wrote: | I don't see a whole lot of open-source IDS-ware floating around. On the | other hand, there is a lot of commercial, closed-source IDS products out | there. If there was an IDS toolkit, then open source coders could write | cleaver new instruments, finte tune stuff, debug stuff, contribute | enhancements back into the community ... you know, that cool stuff that | open-source people tend to do if you let them. -- "It is seldom that liberty of any kind is lost all at once." -Hume
Current thread:
- Recording slow scans Darren Reed (Oct 05)
- Re: Recording slow scans Paul D. Robertson (Oct 05)
- Re: Recording slow scans Stephen P. Berry (Oct 07)
- Re: Recording slow scans Marcus J. Ranum (Oct 07)
- Re: Recording slow scans Stephen P. Berry (Oct 09)
- Re: Recording slow scans Darren Reed (Oct 13)
- Re: Recording slow scans Crispin Cowan (Oct 14)
- Re: Recording slow scans Darren Reed (Oct 14)
- Re: Recording slow scans Marcus J. Ranum (Oct 14)
- Re: Recording slow scans Adam Shostack (Oct 14)
- Re: Recording slow scans Marcus J. Ranum (Oct 14)
- Re: Recording slow scans Darren Reed (Oct 14)
- Cisco's L2F Andy Burns (Oct 14)
- Re: Cisco's L2F Jesús Cea Avión (Oct 16)
- Re: Recording slow scans Stephen P. Berry (Oct 07)
- Re: Recording slow scans Paul D. Robertson (Oct 05)
- Re: Recording slow scans Bennett Todd (Oct 14)
- Re: Recording slow scans Marcus J. Ranum (Oct 14)
- Re: Recording slow scans Chuck Benson (Oct 14)
- Re: ifconfig down (was Re: Recording slow scans Doug Hughes (Oct 13)
- Re: ifconfig down (was Re: Recording slow scans Henry Hertz Hobbit (Oct 13)