IDS mailing list archives

Re: Anomaly based network IDS

From: Dale Gardner <dale () marketfoundry com>
Date: Wed, 02 Apr 2003 07:45:28 -0500

How does it determine what is suspicious?

DRG

on 3/28/03 6:18 PM, Brian Hernacki at bhern () meer net wrote:

Actually Manhunt's protocol anomaly detection monitors for both protocol
deviations and 'compliant but suspicious' protocol activity.


-- 

Dale Gardner
dale_gardner () earthlink net


-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter 
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71

Current thread:

Re: Anomaly based network IDS Dale Gardner (Apr 02)
- Re: Anomaly based network IDS Brian Hernacki (Apr 03)