[Snort-devel] Snort Anomaly Detection

Sandro guly Zaccarini guly at ...3113...
Tue Sep 14 02:48:19 EDT 2010


On Tue, Sep 14, 2010 at 07:35:30AM +0200, Bernhard Guillon wrote:
> 
> For PHAD you can use my patch [1].

Do you plan to maintain this patch for future Snort releases?
 
> I also have written an open source 
> anomaly traffic generator to create a more up to date dataset and tested 
> the implementation with it. I am currently cleaning it up for 
> publishing. It uses Virtual Machines, some simulation theory and Python. 
> It supports modules for "normal" traffic generation 
> (Firefox, email, Skype, FTP) and anomaly traffic generation (Metasploit, 
> nmap, and arpspoof).

seems very interesting :)
 
sz
-- 
  /"\   taste your favourite IT consultant
  \ /   gpg public key http://www.guly.org/guly.asc
   X    
  / \   




