Search - nids
Description: This white paper aims at briefly describing the technologies currently used in
filter design in Network-based Intrusion Detection System (NIDS). We will consider
the advantages and drawbacks of using signature filters versus anomaly filters,
and more particularly protocol anomaly filters.
This is the result of research work done at Defcom Sweden, Stockholm.
Size: 17408 | Author: sinsin
Description: Snort is a lightweight network intrusion detection system (NIDS) that uses misuse detection. Version 1.7 added the Spade plug-in, which lets Snort support anomaly detection. Snort's detection rules are two-dimensional, consisting of a rule header and rule options, which is much simpler than the rules defined by other IDSs. Snort's new reference plug-in can link identified attacks to standard attack identifier databases such as Bugtraq, CVE, arachNIDS and McAfee virus, and give an online reference URL for the attack. Snort's detection rule base is also updated continually to reflect changes in these databases; users can download new rule files from www.snort.org.
Size: 4668416 | Author: zhangruixue
Description: NIDS parallel architecture and algorithm
Size: 240640 | Author: tai234
Description: Intrusion detection design for Linux, including a network packet capture module, a protocol analysis module, a rule parsing module, and so on.
Size: 25600 | Author: wang
Description: A network-based intrusion detection system; I hope it helps with everyone's learning.
Size: 14880768
Description: A VC++ network intrusion detection module and program code. The source code is complete, and all required controls are included in the archive. Useful when writing network software in VC.
CMainFrame* p_Frame // holds the pointer to the frame class
CEdit* m_pEdit // holds the pointer to the edit box class
CListCtrl* m_pList // holds the pointer to the list class
CTreeCtrl* m_pTree // holds the pointer to the tree control
CComboBox* m_pComboBox // holds the pointer to the combo box
The following member variables hold the data of the most recently analyzed packet:
ip_header* m_pih // IP header of the most recently analyzed packet
tcp_header* m_ptcph // TCP header of the most recently analyzed packet
udp_header* m_pudph // UDP header of the most recently analyzed packet
Size: 1563648 | Author: 云梦泽
Description: A network intrusion detection system with all modules complete; it can perform simple network intrusion detection.
Size: 1566720 | Author: huangdongchao
Description: A very good NIDS firewall driver; a VC++ 6.0 project that compiles as-is.
Size: 336896 | Author: wu
Description: Bro is a currently fairly active open-source NIDS; almost two years ago I wrote a post about its features.
Bro: an open-source advanced NIDS
Because Bro has some advanced features that other open-source NIDSs lack (mainly its support for policy scripts), installation and configuration can be somewhat more troublesome; this post hopes to provide some useful reference.
Bro's official website is:
http://www.bro-ids.org/
It has basic introductory information and download instructions; some sections of the site are still being completed. Compared with Snort, very few people use Bro, so the Bro mailing list is a very important resource for getting help. It is recommended to join the list or browse the mailing list's Web Archive regularly; the relevant information is at the following link:
http://www.bro-ids.org/mailing-list.html
Size: 5627904 | Author: 王夏洋
Description: Intrusion detection code for Linux that can detect port-scan intrusions. I am no expert; this is offered only for everyone's reference and discussion.
Size: 4096 | Author: tthedeci
Description: Network intrusion detection system debugging code. Internet of Things, Snort, network security, C.
Size: 53248 | Author: 郭天天
Description: Network Intrusion Detection e-book
Size: 2132992
Description: Intrusion detection code for Linux that can detect port-scan intrusions. I am no expert; this is offered only for everyone's reference and discussion.
Size: 4096 | Author: agigabi
Description: The driver provided with the WDK, based on NIDS intermediate-layer packet filtering (Windows Driver package passthru).
Size: 31744 | Author: liang