IDS mailing list archives
30-ish page whitepaper
From: "Golomb, Gary" <GGolomb () enterasys com>
Date: Wed, 26 Feb 2003 15:19:55 -0500
Hi there all!

On the subject of Pattern Matching vs. Protocol Decoding vs. Anomaly Detection... (Hopefully this issue hasn't already been beaten to a bloody pulp!)

By request of a few people, we recently re-released a paper on this subject. (Originally written six to nine months ago, this new version was condensed and updated a little.) It's a technical look at the different methodologies available for performing Intrusion Detection that expands heavily on the excellent article recently written by Matt Tanase. It's not just marketing speak like other available whitepapers. Half of this document is devoted to probe/exploit/compromise analysis (then correlated to each of the various methods). It should be an interesting read for those who are trying to get a handle on all the buzzwords and the storm of marketing propaganda out there!

I couldn't attach it to this message (it bounced), but it's available at http://dragon.enterasys.com/downloads/ID_Methodologies_Demystified.pdf.

Hope you find it relevant, accurate, and useful. Please feel free to contact me with any questions or corrections. It's important for me to keep this as precise and truthful as possible.

Thanks! :)

-gary