[Snort-sigs] Bases for writting snort rules

Guy Martial Nkenne Tchassi nkennetguy at ...2420...
Thu Jun 6 12:21:46 EDT 2013


I'm asking that because i have noticed, many security managers use IDS
and IPS without even understanding the notion of intrusion. They often
think that it can only be caused by a hackers. For my part i've been
told it was more than that. But i don't really know what other actions
or events are considered like an intrusion in the network.
The other reason for my question is that i want to do a survey of
network intrusion on a network fonctionning on the bases of a protoclo
stack different from TCP/IP.
So any documentation or link to documents on caracteristics of
intrusions will be very helpfull

Thanks.




More information about the Snort-sigs mailing list