Re: how to verify whether an attack attempt is successful?

["Yan Zhai" <yzhai () unity ncsu edu>]

The out put of IDS are a number alerts on different attack signatures, among
those signatures, some of them are the signatures of successful attacks
(e.g. backdoor), some of them are attack attempts.  And I am interested in
whether there's any automatic tools/technology to analysis those attempts
and decide whether they are successful.

-Yan


----- Original Message -----
From: "Maher Odeh" <rax () netvision net il>
To: "Yan Zhai" <yzhai () unity ncsu edu>; <focus-ids () securityfocus com>
Sent: Wednesday, January 15, 2003 5:05 PM
Subject: RE: how to verify whether an attack attempt is successful?


> Hello Yan
>
> Your question isn't clear enough, do you want to know if the attack is
successful from the client or the victim side ?
> and what type of attack ? do you mean some sort of tripwire that checks if
files changed then alert the victim
> or do you mean some sort of acknowledgment on some sort of attack to the
attacker ? please be more clear
> Thanks
>
>
> -----Original Message-----
> From: Yan Zhai [mailto:yzhai () unity ncsu edu]
> Sent: Mon 1/13/2003 6:59 PM
> To: focus-ids () securityfocus com
> Cc:
> Subject: how to verify whether an attack attempt is successful?
>
>
>
>
>
> Is there any technology developed in this direction?