Firewall Wizards mailing list archives

Re: "Who else picked this one up?"

From: dreamwvr <dreamwvr () dreamwvr com>
Date: Sat, 01 May 1999 12:34:49 -0600

hi,
the larger the 'SPECTRUM' of the analysis of the scenario the 
more accurate the results. what would be interesting is what had 
been tabled previously in the ids group many moons ago by who ..
is not important:) .. that we construct a global database of 
attack signatures and their characteristics. here we could also add 
a running count of the type or label the attacks by name. someone 
here could write a perl script that takes the results and plots 
them to a graph to indicate visually in real time the extent of any 
given attack || scan. there are many ways of skinning a cat as it were. 
Craig Rowland of www.psionic.com should be given the credit from the 
"Abacus Project" for producing 'logcheck' which provides this in 
great detail, as well as 'portcheck' and 'hostsentry' IMHO no 
results would be as complete without contributions from his side
as his work is most widely used non-proprietary system enjoyed 
by many including myself:-) Lance i look forward to trying out your
script sometime in the hopefully near future as well! Sure a neutral 
zone database would be invaluable. i might just write a database that
allows for real time incident viewing .. just another project to 
keep us up all night:-) should be doable just need to parse the actual
goings on and switch them to database format. now i just need to find 
somewhere a 26 hour day;-)
                                                Best Regards,
                                                dreamwvr () dreamwvr com
Reuters, London, February 29, 1998: 
Scientists have announced discovering a meteorite which will strike the 
earth in March, 2028.  Millions of UNIX coders expressed relief for being 
spared the UNIX epoch "crisis" of 2038.
_______________________________________________________________________

************** DREAMWVR.COM - TOTAL INTERNET SERVICES ****************
  TOTAL DESIGN - DEVELOPMENT - INTEGRATION - SECURITY - Click Here..
           <http://www.dreamwvr.com/services/MAX_SEC.html>
   DREAMWVR.COM - The Console of Many... 24 X 7 Evolution Internet
<http://www.dreamwvr.com/dynamicduo.html> <mailto:dreamwvr () dreamwvr com>
          <*<*<* Proud Linux-Mandrake Distributor *>*>*>
        <http://www.dreamwvr.com/mandrake/mandrake-dist.html>
  "As Unique as the Company You Keep."        "===0 PGP Key Available  
________________________________________________________________________

Current thread:

Re: "Who else picked this one up?" Lance Spitzner (May 01)
- Re: "Who else picked this one up?" dreamwvr (May 03)
- <Possible follow-ups>
- Re: "Who else picked this one up?" Craig H. Rowland (May 01)
- Re: "Who else picked this one up?" R. DuFresne (May 01)
  - Re: "Who else picked this one up?" Paul D. Robertson (May 03)
    - Re: "Who else picked this one up?" R. DuFresne (May 03)
    - Re: "Who else picked this one up?" David Lang (May 04)
    - Re: "Who else picked this one up?" Paul D. Robertson (May 04)
    - Re: "Who else picked this one up?" R. DuFresne (May 04)
    - Re: "Who else picked this one up?" Paul D. Robertson (May 04)
    - Re: "Who else picked this one up?" Joseph S D Yao (May 05)
    - Re: "Who else picked this one up?" David Gillett (May 07)

(Thread continues...)