[Snort-devel] combining snort with neural net

Roland Turner (SourceForge) raz.fs.arg at ...2131...
Mon Apr 18 07:37:26 EDT 2005


gavin mc auley said:


> examples. I was wondering if you would have or know where I could get
> more samples of such captured attack traffic.


This is probably more a question for snort-users, but in short:


- http://metaspoilt.com/ is a souce for actual attacks, which would
provide "real" test data for your neural net, but beware, there's the
opportunity to do actual harm with this stuff if you're not careful.

- Stick/Snot generate arbitrary datagrams to match any Snort rule; if your
need is to compare your neural net's response to that of human-designed
matching, then this approach provides a much larger set of data for
comparison than metasploit does, albeit with a substantial head-start for
the human-designed case.

Hope this helps.


- Raz






More information about the Snort-devel mailing list