Re: Distributed intrusion detection systems

["Giovanni Davide Sacca'" <giovannidavide.sacca () zucchetti com>]

Hi

You can use snort+SnortALog by Jeremy CHARTIER
(http://jeremy.chartier.free.fr/snortalog/)

I hope can help you ;)

Best Regards
--


Davide Sacca' --Networking Staff
Zucchetti.com
C.so Vittorio Emanuele II, 21
26900 Lodi (LO) ITALY
tel: +39 0371 5942850
GPG key: 0xAD3170FE
Key fingerprint =>63BF 78E3 6570 4678 904A  E865 1B13 4483 AD31 70FE<=
> > > <alakhno () gmail com> 02/08/07 4:21 PM >>>
 Hello!
I'm looking for the examples of distributed intrusion detection systems.
Here I mean intrusion detection systems, those collect network data from
multiple agents and analyze it using one expert system.

I'm especially interested in concrete examples of successful intrusion
detections those highlight benefits of distributed IDS in comparison
with multiple usual intrusion detection systems installed.

Besides I'm looking for articles on distributed intrusion detection
systems. Detection of traffic flows correlations, network graph models,
graph metrics and network flows statistics are particularly interesting
as used here.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw

to learn more.
------------------------------------------------------------------------



------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------