Snort mailing list archives

Re: Rules to detect all the attacks listed in DARPA dataset ?

From: "lists () packetmail net" <lists () packetmail net>
Date: Tue, 20 Aug 2013 19:39:19 -0500

On 08/20/2013 07:16 PM, dsigma wrote:

And how could I detect all the attacks listed in DARPA, 
(http://www.ll.mit.edu/mission/communications/cyber/CSTcorpora/ideval/docs/attacks.html). Is there a set of rules 
that could detect all the attacks? 

Any help would be appreciated.


Hello,

I'm very curious why you've selected attack tools and scripts older than a
decade as a measure of IDS success?  Are there any sigs against "/timer1 0 5
/msg #funfactory LOLz itz a flood"

I really miss land.c and teardrop.c

Best Wishes,
Nathan



------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Rules to detect all the attacks listed in DARPA dataset ? dsigma (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Joel Esler (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? lists () packetmail net (Aug 20)
  - Re: Rules to detect all the attacks listed in DARPA dataset ? Jeff Kell (Aug 20)