IDS mailing list archives
Re: HTTP LOG files Labeling
From: wangweifrequent () gmail com
Date: 21 May 2008 08:08:47 -0000
Hi Abhishek, Thanks for your reply. Are there some methods or tools or IDS that can be used to automatically detect HTTP attacks? Because the size of the HTTP files is very large and it is difficult to label the data line by line with hand. Wei From: Abhishek Singh To: wangweifrequent,focus-ids Sent: 2008-05-21, 07:26:41 Subject: RE: HTTP LOG files Labeling Hi Wei, There can be many ways to classify/label the log files. I think one of the method can be to classify them as per the application type. For example the sample log is using Mozilla. Another option is to classify them as per the extension of files (Dynamic or Static files). For example in the sample log file, the extension of file is .gif I hope it helps. Best Regards, Abhishek Singh ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
Current thread:
- HTTP LOG files Labeling wangweifrequent (May 20)
- RE: HTTP LOG files Labeling dai.morgan (May 21)
- <Possible follow-ups>
- Re: HTTP LOG files Labeling abhicc285 (May 21)
- Re: HTTP LOG files Labeling wangweifrequent (May 21)
- Re: HTTP LOG files Labeling Stefano Zanero (May 21)
- Re: HTTP LOG files Labeling Christian Bockermann (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 21)
- Re: Re: HTTP LOG files Labeling wangweifrequent (May 22)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)
- Re: HTTP LOG files Labeling "Zow" Terry Brugger (May 23)
- Re: HTTP LOG files Labeling Stefano Zanero (May 22)