IDS mailing list archives
IDS: portscan detection
From: <mosquitooth () gmx net>
Date: 9 Mar 2003 10:50:28 -0000
Hi guys, I'm currently writing a IDS for Windows Operating Systems (yeah, I know *g*). I managed to capture all the data that is sent/received on the network and to store it (that means all the headers and the payload) in an array. Now, what's the best way to search for attempted portscans in the collected traffic? What's the best (fastest) algorithm to use? Is there any source code (C++) available on this? Thanks a lot mosquitooth ----------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
Current thread:
- IDS: portscan detection mosquitooth (Mar 09)