IDS mailing list archives

Previous By Date Next
Previous By Thread Next

98/99 Darpa Test Dataset

From: suzzane <suzzanesiu () gmail com>
Date: Fri, 20 Oct 2006 18:42:09 -0700 (PDT)

Hi there!
I am now engaged in separating the 98/99 Darpa BSM dataset, that is, I
separate the BSM audit data according to sessions. But I can't get the right
answer. 
For example, when I process the sample dataset, I can only get 38 sessions,
while the BSM list of the sample dataset comes up with 64 sessions. 
Anyone here has ever come across this problem?
And what if in the BSM audit record, the session id equals '0'? What does it
mean?
Thanks so much!
-- 
View this message in context: http://www.nabble.com/98-99-Darpa-Test-Dataset-tf2484674.html#a6928363
Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com.


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: