IDS mailing list archives

Re: Papers on Intrusion Analysis and Response


From: DAVID MARKLE <davidmarkle () comcast net>
Date: Mon, 23 Jun 2003 13:42:07 -0400

Eric,

Gary Golomb (Enterasys) put a nice paper out on the demystification of 
IDS a few months ago.  It had a real nice example of stepping through 
an attack.  Below is the link.

https://dragon.enterasys.com/wp/ID_Methodologies_Demystified.pdf
http://www.enterasys.com/products/ids/whitepapers/





----- Original Message -----
From: Eric Hines <eric.hines () appliedwatch com>
Date: Monday, June 23, 2003 12:22 pm
Subject: Papers on Intrusion Analysis and Response

Has anyone on this list come across any process descriptions or
whitepapers on Event Analysis, intrusion analysis, etc? A paper that
details steps and/or methodologies in the analysis of events generated
by Intrusion Detection Systems?

Thanks!

Eric Hines
CEO, Chairman
Applied Watch Technologies, Inc.
http://www.appliedwatch.com








