Snort mailing list archives
Re: SPADE
From: "Alex Butcher, ISC/ISYS" <Alex.Butcher () bristol ac uk>
Date: Tue, 14 Sep 2004 10:24:55 +0100
--On 14 September 2004 09:47 +0300 subway () jippii fi wrote:
Hello, SPADE is Statistical Packet Anomaly Detection Engine for Snort. Does anyone know if it is still being developed?
I don't think so, no.
The website http://www.silicondefence.com/ has disappeared and that's where SPADE was available.
Silicon Defense's assets were bought by Demarc.
I know SPADE is also included in snort-2.2.0.tar.gz.
That doesn't appear to be the case. The latest version of SPADE appears to be included in the OS-SIM snort (src.)RPM. It patches cleanly into Snort 2.2.0 and appears to work (though it needs a bit of patching to prevent snort segfaulting on plugin cleanup when run in -T mode).
Another question: is there any paper available where techniques used by SPADE are described in detail?
RTFS ? ;-) Best Regards, Alex. -- Alex Butcher: Security & Integrity, Personal Computer Systems Group Information Systems and Computing GPG Key ID: F9B27DC9 GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9 ------------------------------------------------------- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement onwho ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 13. Go here: http://sf.net/ppc_contest.php
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users