Snort mailing list archives

Re: Rules to detect all the attacks listed in DARPA dataset ?

From: Jeff Kell <jeff-kell () utc edu>
Date: Tue, 20 Aug 2013 21:02:39 -0400

On 8/20/2013 8:39 PM, lists () packetmail net wrote:

I'm very curious why you've selected attack tools and scripts older
than a decade as a measure of IDS success? Are there any sigs against
"/timer1 0 5 /msg #funfactory LOLz itz a flood" I really miss land.c
and teardrop.c


Indeed.  If you pass the "test suite", congratulations, you're ready for
Y2K :)

Jeff


------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and 
AppDynamics. Performance Central is your source for news, insights, 
analysis and resources for efficient Application Performance Management. 
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!

Current thread:

Rules to detect all the attacks listed in DARPA dataset ? dsigma (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? Joel Esler (Aug 20)
- Re: Rules to detect all the attacks listed in DARPA dataset ? lists () packetmail net (Aug 20)
  - Re: Rules to detect all the attacks listed in DARPA dataset ? Jeff Kell (Aug 20)