Intrusion Detection Systems mailing list archives

Re: NIDS Patent


From: inno () patriot net (Inno Eroraha)
Date: Fri, 26 May 2000 07:23:23 -0400 (EDT)


Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
UNSUBSCRIBE: email "unsubscribe ids" to majordomo () uow edu au

Hasn't this been implemented as a product? From the abstract, it
appears this is similar in function to most network-based IDS that are
already ubiquitous. Then again, I don't have all the details.

-0-
inno

On Fri, 26 May 2000, turnere wrote:

Hello fellow list users,

I was just doing a patent search from within the US Patent and Trademark
Office's database, and found the following patent:

United States Patent 5,796,942
Esbensen
Aug. 18, 1998

Method and apparatus for automated network-wide surveillance and security
breach intervention

Abstract

A network surveillance system includes a handler process (10) for
capturing network packets and filtering invalid packets, a first and
second continuously sorted record file (15a, 15b), and a scanner process
(30) for scanning all sessions occurring on the network and checking for
the presence of certain rules (38). When a rule is met, indicating a
security incident, a variety of appropriate actions may be taken,
including notifying a network security officer via electronic or other
mail or recording or terminating a network session. The surveillance
system operates completely independently of any other network traffic and
the network file server and therefore has no impact on network
performance.

According to a further embodiment, the invention may include remote
surveillance agents (100a-c) for gathering network packets at a remote
location and transferring them to a server (110) for analysis by a network
surveillance system.


Inventors: Esbensen; Daniel (Kihei, HI).
Assignee: Computer Associates International, Inc. (Islandia, NY).
Appl. No.: 749,352
Filed: Nov. 21, 1996




