Alex Butcher, ISC/ISYS
Alex.Butcher at ...11254...
Tue Sep 14 02:26:19 EDT 2004
--On 14 September 2004 09:47 +0300 subway at ...12426... wrote:
> SPADE is Statistical Packet Anomaly Detection Engine for Snort. Does
> anyone know if it is still being developed?
I don't think so, no.
> The website http://www.silicondefence.com/ has disappeared and that's
> where SPADE was available.
Silicon Defense's assets were bought by Demarc.
> I know SPADE is also included in snort-2.2.0.tar.gz.
That doesn't appear to be the case. The latest version of SPADE appears to
be included in the OS-SIM snort (src.)RPM. It patches cleanly into Snort
2.2.0 and appears to work (though it needs a bit of patching to prevent
snort segfaulting on plugin cleanup when run in -T mode).
> Another question: is there any paper available where techniques used by
> SPADE are described in detail?
RTFS ? ;-)
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
More information about the Snort-users