IDS Terminology

["Talisker" <offthecuff () lineone net>]

Some time ago I wrote an article for SecurityFocus on "Intrusion
Detection System Terminology", containing brief descriptions of a variety of
IDS terms.  The rapid evolution of IDS has resulted in the article soon
becoming dated and inaccurate.  I wish to update the article introducing new
and omitted terms as well as correcting a few inaccurate terms.  Some
suggestions are the correction of "resets not being sent from a stealth
interface" and inclusion of some of the newer evolving terms such as
Intrusion Prevention Systems etc.

The problem I encountered with the previous article was finding and
prioritising all the terms, despite some years of experience and several IDS
books with indexes I'm still only human, though those of you that know me
may
question that.

I'd really appreciate suggestions from members of suitable terms for
inclusion, with or without descriptions [off-list].  The article may be of
use to those entering the field of IDS or others like me who find it hard to
remember during those senior moments, it is also my intention to revisit the
article more regularly making it more of a living document.

Original Articles
http://www.securityfocus.com/infocus/1213
http://www.securityfocus.com/infocus/1214

Thanks for taking the time to read this mail, kindly email me with any
suggestions.

-andy

Taliskers Network Security Tools
http://www.networkintrusion.co.uk

Taliskers Network Security Tools
http://www.networkintrusion.co.uk