Re: Application level IDS?

["K. K. Mookhey" <cto () nii co in>]

Hey,

> Is there anything like an "application level IDS" ?
> (similar to what is now called "application
> firewall"?)
Actually this is an absolutely interesting concept. And those guys at Appsec Inc, have this in beta. Its called 
AppRadar, and according to their site:
"AppRadarT is a network-based, intrusion detection solution strictly for application-specific attacks and malicious 
behavior." 
However:
"AppRadarT will initially support Microsoft SQL Server. "

> Does something like that exist? Has any of you
> implemented it? Can it be implemented using any of the
> existing IDS's (maybe on top of Snort's stream4?

There must be others as well. We have not implemented it, because the only way to do that would be to join their 
beta testing program, I guess. Which you could try.

Cheers,

K. K. Mookhey
CTO,
Network Intelligence India Pvt. Ltd.
Web: www.nii.co.in
=================================
Security Auditing Software - AuditPro
http://www.nii.co.in/products.html
=================================

-------------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists.  See for yourself what the buzz is about!
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
-------------------------------------------------------------------------------