Israel wrote: > It will be use Case-Based Reasoning and handle a repository with the > malicious network log to generate responses.
Israel, what I suggest to you is a deep research in literature - many things have already been done, tried and tested. We do not want to reinvent the wheel, or to try to make it square and see if it works, do we ? :) Second, you need to better define your problem. What you want to analyze ? What's the objective to it ? "Case Based Reasoning" is very much like saying nothing: it's a broad class of methods, but you should try to clarify what you want to do a little bit. Finally, there's a couple of programs (snot and mucus) that already generate packets from snort rules. I cannot see why you would want to do that, but if you want to, you have no need to write them from scratch. Best, Stefano Zanero Ph.D. Student Politecnico di Milano - Dip. Elettronica e Informazione www.elet.polimi.it/upload/zanero ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
