Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

IDS: Re: HTTP LOG files Labeling

Re: HTTP LOG files Labeling

From: <wangweifrequent_at_gmail.com>
Date: 21 May 2008 08:08:47 -0000
('binary' encoding is not supported, stored as-is) Hi Abhishek,
 
Thanks for your reply.
 
Are there some methods or tools or IDS that can be used to automatically detect HTTP attacks? Because the size of the HTTP files is very large and it is difficult to label the data line by line with hand.
 
Wei
 
From: Abhishek Singh
To: wangweifrequent,focus-ids
Sent: 2008-05-21, 07:26:41
Subject: RE: HTTP LOG files Labeling

Hi Wei,

 There can be many ways to classify/label the log files. I think one of the method can be to classify them as per the application type. For example the sample log is using Mozilla.

 Another option is to classify them as per the extension of files (Dynamic or Static files). For example in the sample log file, the extension of file is .gif

  I hope it helps.

Best Regards,
Abhishek Singh

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
Received on May 21 2008

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]