Snort mailing list archives
Re: Threat Management
From: twig les <twigles () yahoo com>
Date: Tue, 6 Aug 2002 12:08:43 -0700 (PDT)
Yes actually. So I suppose that the HP Openview or MRTG box would tell me about it. If I happen to look there that is. Sigh. Actually an interesting idea (well...to me) is having a standardized format for IDS alerts. You know like an IEEE thing where the fields would have to contain specified information in a specified format? Obviously the IEEE would probably not do this, but I'm a little rusty on my acronyms. Vendors could be compliant and then add there non-compliant stuff with an asterisk, kinda like databases right now. Anyhoo it's an idea (one that would likely take 3-5 years to materialize). Does anyone know if anybody is doing this yet? I don't see how the field can *not* be inhibited if no one does this in the future - too chaotic. --- Ian Macdonald <secsnort () dirk demon co uk> wrote:
Wouldn't a truck come under physical security :) ----- Original Message ----- From: "twig les" <twigles () yahoo com> To: "Steve Scott" <sjscott007 () earthlink net>; <snort-users () lists sourceforge net> Sent: Monday, August 05, 2002 12:58 PM Subject: Re: [Snort-users] Threat ManagementRead it, loved it. We have 3 IDS vendors (well, 2 vendors and snort), Cisco router acls, Solaris firewalls and another vendor firewall - allwanting todo things their own way. Crimany! I'd be luckytosee a truck drive through the dam data center. --- Steve Scott <sjscott007 () earthlink net> wrote:I recently finished a paper on the ThreatManagementspace and would like to share my findings will others. We are currently in the process of evaluating solutions in this space. Whileitsnot 100 percent complete it will provide an understanding of the concept. As I progress with the project I will continue to expand the paper. You can find it here: http://home.earthlink.net/~sjscott007/ Regards, Steve
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
=====
-----------------------------------------------------------
All warfare is based on deception.
-----------------------------------------------------------
__________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options orunsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
===== ----------------------------------------------------------- All warfare is based on deception. ----------------------------------------------------------- __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Threat Management Steve Scott (Aug 05)
- Re: Threat Management twig les (Aug 05)
- Re: Threat Management Ian Macdonald (Aug 06)
- Re: Threat Management twig les (Aug 06)
- Re: Threat Management Ian Macdonald (Aug 06)
- <Possible follow-ups>
- RE: Threat Management Hicks, John (Aug 07)
- RE: Threat Management Steve Scott (Aug 09)
- Re: Threat Management twig les (Aug 05)