Snort mailing list archives
Re: Rules to detect all the attacks listed in DARPA dataset ?
From: Jeff Kell <jeff-kell () utc edu>
Date: Tue, 20 Aug 2013 21:02:39 -0400
On 8/20/2013 8:39 PM, lists () packetmail net wrote:
I'm very curious why you've selected attack tools and scripts older than a decade as a measure of IDS success? Are there any sigs against "/timer1 0 5 /msg #funfactory LOLz itz a flood" I really miss land.c and teardrop.c
Indeed. If you pass the "test suite", congratulations, you're ready for Y2K :) Jeff ------------------------------------------------------------------------------ Introducing Performance Central, a new site from SourceForge and AppDynamics. Performance Central is your source for news, insights, analysis and resources for efficient Application Performance Management. Visit us today! http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Rules to detect all the attacks listed in DARPA dataset ? dsigma (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Joel Esler (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? lists () packetmail net (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Jeff Kell (Aug 20)