IDS mailing list archives
HTTP LOG files Labeling
From: wangweifrequent () gmail com
Date: 20 May 2008 15:05:40 -0000
Hi All, We are working on anomaly detection of HTTP attacks. In fact, we have collected a large amount of HTTP logs (apache sever), but we didn't use IDS to label the data during collection. Does any one know how to label the HTTP logs? for example: one http log line like : burtul.xx.fr - - [10/May/2007:14:46:07 +0200] "GET /ariana/Images/Icones/sound.gif HTTP/1.0" 200 579 http://www-sop.inria.fr/ariana/fr/xx "Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.7.13) Gecko/20060417" Any suggestions are very appreciated. Wei WANG INRIA 2008-05-20 ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- HTTP LOG files Labeling wangweifrequent (May 20)
- RE: HTTP LOG files Labeling dai.morgan (May 21)
- <Possible follow-ups>
- Re: HTTP LOG files Labeling abhicc285 (May 21)
- Re: HTTP LOG files Labeling wangweifrequent (May 21)
- Re: HTTP LOG files Labeling Stefano Zanero (May 21)
- Re: HTTP LOG files Labeling Christian Bockermann (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 21)
- Re: Re: HTTP LOG files Labeling wangweifrequent (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)
- Re: HTTP LOG files Labeling "Zow" Terry Brugger (May 23)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)