[Snort-users] Threat Management

twig les twigles at ...131...
Tue Aug 6 12:09:15 EDT 2002


Yes actually.  So I suppose that the HP Openview or
MRTG box would tell me about it.  If I happen to look
there that is.  Sigh.

Actually an interesting idea (well...to me) is having
a standardized format for IDS alerts.  You know like
an IEEE thing where the fields would have to contain
specified information in a specified format? 
Obviously the IEEE would probably not do this, but I'm
a little rusty on my acronyms.

Vendors could be compliant and then add their
non-compliant stuff with an asterisk, kinda like
databases right now.  Anyhoo it's an idea (one that
would likely take 3-5 years to materialize).  Does
anyone know if anybody is doing this yet?  I don't see
how the field can *not* be inhibited if no one does
this in the future - too chaotic.


--- Ian Macdonald <secsnort at ...5528...> wrote:
> Wouldn't a truck come under physical security :)
> ----- Original Message -----
> From: "twig les" <twigles at ...131...>
> To: "Steve Scott" <sjscott007 at ...741...>;
> <snort-users at lists.sourceforge.net>
> Sent: Monday, August 05, 2002 12:58 PM
> Subject: Re: [Snort-users] Threat Management
> 
> 
> > Read it, loved it.  We have 3 IDS vendors (well, 2
> > vendors and snort), Cisco router acls, Solaris
> > firewalls and another vendor firewall - all wanting to
> > do things their own way.  Crimany!  I'd be lucky to
> > see a truck drive through the dam data center.
> >
> >
> > --- Steve Scott <sjscott007 at ...741...> wrote:
> > > I recently finished a paper on the Threat Management
> > > space and would like to share my findings with others.  We are
> > > currently in the process of evaluating solutions in this space.  While
> > > it's not 100 percent complete it will provide an understanding of the
> > > concept.  As I progress with the project I will continue to expand the
> > > paper.
> > >
> > > You can find it here:
> > > http://home.earthlink.net/~sjscott007/
> > >
> > > Regards,
> > >
> > > Steve
> > >
> >
> >
> > =====
> > -----------------------------------------------------------
> > All warfare is based on deception.
> > -----------------------------------------------------------
> >
> 


=====
-----------------------------------------------------------
All warfare is based on deception.
-----------------------------------------------------------
