[EMAIL PROTECTED] wrote: > 1) Which language?? C/C++ with its > already implemented projects (Snort, ModSecurity), Java with its > multiplatform option?
Network IDS ? C is the only viable option. And... > 2) Should I just take a project and try to build a new one on top of it? > Snort fe ? Has anybody done that before? Any suggestions? Contribute to Snort. > 3) How is network IDS analizing network activity when almost every package > nowadays is encrypted? It's not true that everything is encrypted. > 4) I'm thinking about encrypting IDS messages/alerts-packages as well? What > cipher should i use? Using OpenSSL seems a reasonable approach if you need to. Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
