[Snort-users] Anomaly detection and Snort
Michael.DeGraw-Bertsch at ...14101...
Fri Apr 13 11:07:29 EDT 2007
At this time, we're thinking of a binary release. I have been
discussing the open source option with our management, however.
From: David J. Bianco [mailto:david at ...13799...]
Sent: Thursday, April 12, 2007 4:37 PM
To: Mike DeGraw-Bertsch; snort-users at lists.sourceforge.net
Subject: Re: [Snort-users] Anomaly detection and Snort
Mike DeGraw-Bertsch wrote:
> My company, CounterStorm, has developed packet content level anomaly
> detection for the security space. The technology builds statistical
> models of the contents of network traffic, and looks for anomalies
> within this. It's distinctly different from most AD technology in
> that it's actually working on layer 7, not just looking at traffic
> We're considering making this available as a Snort module.
Sounds pretty neat. Is this something you're considering releasing as
open source, or a binary-only distribution?
More information about the Snort-users