Snort mailing list archives

Re: Snort Anomaly Detection


From: Sandro guly Zaccarini <guly () luv guly org>
Date: Tue, 14 Sep 2010 08:48:19 +0200

On Tue, Sep 14, 2010 at 07:35:30AM +0200, Bernhard Guillon wrote:

> For PHAD you can use my patch [1].

do you plan to maintain this patch for future snort releases?

> I also have written an open source
> anomaly traffic generator to create a more up to date dataset and tested
> the implementation with it. I am currently cleaning it up for
> publishing. It uses Virtual Machines, some simulation theory and Python.
> It supports modules for "normal" traffic generation
> (Firefox, email, Skype, FTP) and anomaly traffic generation (metasploit,
> nmap, and arpspoof).

seems very interesting :)
 
sz
-- 
  /"\   taste your favourite IT consultant
  \ /   gpg public key http://www.guly.org/guly.asc
   X    
  / \   

