Snort mailing list archives
RE: DoD plugin?
From: "Ofir Arkin" <ofir () sys-security com>
Date: Wed, 2 May 2001 23:51:01 -0700
Dahlgren Naval Surface Warfare Center which developed SHADOW is now working on the next version. SNORT is to replace TCPDUMP. Ofir Arkin [ofir () sys-security com] Founder The Sys-Security Group http://www.sys-security.com PGP CC2C BE53 12C6 C9F2 87B1 B8C6 0DFA CF2D D360 43FA -----Original Message----- From: snort-users-admin () lists sourceforge net [mailto:snort-users-admin () lists sourceforge net]On Behalf Of Clifford, Shawn A Sent: Monday, April 30, 2001 7:32 AM To: snort-users (E-mail) Subject: [Snort-users] DoD plugin? This was in the lastest SANS training email. Does anyone know more about this plugin, whether it will become public, etc? Is there already something similar available? -- Shawn -------------------------------------- In the last SANS and GIAC update we talked about fighting back. Thank you for all the responses, it turns out this is a hot theme. You can see it in action on web pages like http://www.dshield.org/fightback.html http://www.mynetwatchman.com and www.incidents.org. The only thing missing is you if you aren't a contributor. By the way, we are having trouble getting to word to Asia Pacific region ISPs. If you are in the Asia Pacific region and you are willing to help, would you please send the: - Name of your ISP - Their IP address range - Contact point for abuse or incidents to info () dshield org **************************************** Information Security Heroes All of these "fight back" programs involve making sense of large volumes of data. To do that we need techniques that allow for massive data reduction. Lt. Stephen D. Donald USN, and Captain Robert V. McMillen USMC, from the Naval Postgraduate School. worked for months, 7 days a week, taking as little time for sleep as possible, building a new intrusion detection capability based on a Snort plugin. The tool, while still under development, provides a realtime, intuitive graphics display and is being used by analysts on operational DoD networks as one more capability to help defend networks and identify cyber- attacks for which there is no known signature. This is a DoD project and I don't know if it will ever be available for the general population, but this is exactly the sort of progress that we, as a community, need to make. -------------------------------------- _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- DoD plugin? Clifford, Shawn A (Apr 30)
- Re: DoD plugin? Fyodor (Apr 30)
- Re: DoD plugin? shawn . moyer (Apr 30)
- RE: DoD plugin? Ofir Arkin (May 02)