Intrusion Detection Systems mailing list archives

Re: Real Traffic (was Re: BlackICE IDS)


From: stuart () SiliconDefense com (Stuart Staniford-Chen)
Date: Tue, 07 Dec 1999 13:13:31 +0000




Trevor Schroeder wrote:

> On Tue, 7 Dec 1999, Stuart Staniford-Chen wrote:
>
>> this.  We had a bunch of IDS systems running (if memory serves,
>> RealSecure, NAI Cybercop server, and two research systems - NetRadar and
>> Emerald), and we centralized the reports from all of them.  Then we
>> played a variety of attack scripts over the network, and saw what
>> reports each of them generated, as well as what false alarms they tended
>> to generate (we had a background traffic generator going).
>
> Interesting... Were there any writeups on this?
> ..........................................................................
> : "I knew it was going to cost me my head and also my swivel chair, but  :
> : I thought: What the hell--better men than I have risked their heads    :
> : and their swivel chairs for truth and justice." -- James P. Cannon     :
> :........... http://www.zweknu.org/ for PGP key and more ................:

http://www.gidos.org/demo/#june1999 has a short summary.  That's all I
can find right now.

Stuart.

-- 
Stuart Staniford-Chen --- President --- Silicon Defense
                   stuart () silicondefense com
(707) 822-4588                     (707) 826-7571 (FAX)


