IDS mailing list archives

RE: Distributed IDS


From: "Mail Archive" <tracker () eapdefense com>
Date: Thu, 9 Oct 2003 12:36:31 -0000


Hi gaurav,
Take a look at "Snortnet - A Distributed Intrusion Detection System" (2000)
http://citeseer.nj.nec.com/fyodor00snortnet.html

It matches many of the details you asked about.

-regs
harshul

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT d-(--) s:- a-- C++@ UL P+ L++ E+ W++@ N++ o? K- w O? M? V? PS+ PE++ Y?
PGP t+ 5? X R tv+ b++ DI+ D G++ e++>+++ h!@ r! !y+
------END GEEK CODE BLOCK------
Harshul AT sintelli DOT com
Copyright © 2002-2003 Sintelli Ltd.
http://www.sintelli.com

-----Original Message-----
From: Gaurav [mailto:gaurav_jindal () da-iict org]
Sent: Sunday, October 05, 2003 2:12 PM
To: focus-ids () securityfocus com
Subject: Distributed IDS


Hi,

I would like to have suggestions about the implementation of a
Distributed Intrusion Detection System:

1. What architectures can be deployed for a distributed architecture?
2. From a research point of view, what limitations do current IDSs have
and what new could be done?
3. How to write scalable module-driven projects?
4. Any source code available to develop mobile agents in C/C++?
5. What other packages available in C/C++ could be used for
implementation of a Distributed IDS?

If you could give me suggestions on any of the above points, it would be
great.

Regards,
Gaurav

"Obstacles are those frightful things you see when you take your eyes
off the goal." - Hannah More
