Snort mailing list archives
Re: Rules to detect all the attacks listed in DARPA dataset ?
From: "lists () packetmail net" <lists () packetmail net>
Date: Tue, 20 Aug 2013 19:39:19 -0500
On 08/20/2013 07:16 PM, dsigma wrote:
And how could I detect all the attacks listed in DARPA, (http://www.ll.mit.edu/mission/communications/cyber/CSTcorpora/ideval/docs/attacks.html). Is there a set of rules that could detect all the attacks? Any help would be appreciated.
Hello, I'm very curious why you've selected attack tools and scripts older than a decade as a measure of IDS success? Are there any sigs against "/timer1 0 5 /msg #funfactory LOLz itz a flood" I really miss land.c and teardrop.c Best Wishes, Nathan ------------------------------------------------------------------------------ Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Rules to detect all the attacks listed in DARPA dataset ? dsigma (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Joel Esler (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? lists () packetmail net (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Jeff Kell (Aug 20)