Snort mailing list archives

Re: Hi

From: Joel Esler <eslerj () gmail com>
Date: Tue, 14 Jun 2005 15:27:16 -0400

Yeah. didn't think so. Thanks for the correction, i think i meant to type 
swatch...



On 6/14/05, Matt Kettler <mkettler () evi-inc com> wrote:


Joel Esler wrote:

swatch, that's what i meant.. not spade (does spade do that?)


Spade generate emails?

No..

SPADE (Statistical Probability Detection Engine) is a detection plugin for
snort. Think of it as bayes for portscans. It uses a statistics to detect 
if a
particular connection port/ip pairing is "outside the norm" based on past
observations.


It is not a management front end or output plugin. Thus, spade generates 
alerts,
but has nothing to do with where they go.

Current thread:

Hi Srinivas Katta (Jun 14)
- Re: Hi Joel Esler (Jun 14)
- <Possible follow-ups>
- RE: Hi Srinivas Katta (Jun 14)
  - Re: Hi Matt Kettler (Jun 14)
  - Re: Hi Senthil Prabu.S (Jun 14)
- RE: Hi Srinivas Katta (Jun 14)
- RE: Hi Pachulski, Keith (Jun 15)
  - Re: Hi Joel Esler (Jun 14)
    - Re: Hi Matt Kettler (Jun 14)
    - Re: Hi Joel Esler (Jun 14)
- RE: Hi Harper, Patrick (Jun 15)
- RE: Hi Srinivas Katta (Jun 15)