As I am a research student, I am exploring how intruders/attackers get inside the system and how an IDS (Intrusion Detection System) detects the attack and lets the administrator know about the attack. As I know, the IDS stores signatures/patterns of particular known attacks and matches those signatures against the network traffic; if a match is found, then the IDS alarms the administrator that an attack is detected. I want to know how an IDS specifies signatures/patterns and how it matches them against the network traffic. Hope I have conveyed my problem statement.

On Monday, March 10, 2014 7:10:04 PM UTC+5, haren.bhatt wrote:
> Saifullah,
>
> Your requirement is not clear. Please elaborate as to what are you
> looking for.
>
> On Wed, Mar 5, 2014 at 1:45 PM, Saifullah Memon <[email protected]> wrote:
>
>> I am exploring the Intrusion Detection Systems, I am trying to look
>> around the way the IDSs working, that is, how IDSs code the
>> signature/pattern of the known attacks in its system and how it match coded
>> signature with online traffic. Please help me in this regard
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "NFORCEIT" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To post to this group, send email to [email protected].
>> For more options, visit https://groups.google.com/d/optout.
>
> --
> Haren Bhatt | Head- SOC | [email protected] | http://security-culture.blogspot.com/
>
> "We Have A Culture Of Security."
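
As an added illustration of the signature matching asked about in this thread (not part of any poster's message and not any IDS product's own code): a minimal matcher over a simplified subset of the Snort-style rule format. The rules, SIDs, packets and function names are constructed for the example, and `nocase` is applied to every pattern in a rule as a simplification.

```python
import re
from dataclasses import dataclass

# Constructed rules in a simplified Snort-like syntax (illustrative subset only).
RULES = [
    'alert tcp any any -> any 80 (msg:"Path traversal sequence"; content:"../"; sid:1000001;)',
    'alert tcp any any -> any 80 (msg:"cmd.exe in request"; content:"GET"; content:"cmd.exe"; nocase; sid:1000002;)',
    'alert udp any any -> any 53 (msg:"Query for test domain"; content:"|07|example|04|test"; sid:1000003;)',
]
# Constructed traffic: (protocol, destination port, payload bytes).
PACKETS = [
    ("tcp", 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("tcp", 80, b"GET /a/../b/CMD.EXE HTTP/1.0\r\n\r\n"),
    ("udp", 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x07example\x04test\x00\x00\x01\x00\x01"),
    ("tcp", 8080, b"GET /../etc HTTP/1.1\r\n\r\n"),  # wrong port: header check fails
]

@dataclass
class Signature:
    proto: str
    dst_port: str
    msg: str
    sid: int
    contents: list  # byte patterns that must ALL occur in the payload
    nocase: bool

def decode_content(text):
    """Decode 'abc|0d 0a|def': sections between pipes are hex bytes."""
    parts = text.split("|")
    return b"".join(bytes.fromhex(p) if i % 2 else p.encode("latin-1")
                    for i, p in enumerate(parts))

def parse_rule(rule):
    """Split a rule into header fields (protocol, port) and body options."""
    head, opts = rule.split("(", 1)
    _action, proto, _src, _sport, _arrow, _dst, dport = head.split()
    msg = re.search(r'msg:"([^"]*)"', opts).group(1)
    sid = int(re.search(r"sid:(\d+)", opts).group(1))
    contents = [decode_content(c) for c in re.findall(r'content:"([^"]*)"', opts)]
    return Signature(proto, dport, msg, sid, contents, "nocase;" in opts)

def matches(sig, proto, dst_port, payload):
    """Cheap header check first, then search the payload for every pattern."""
    if sig.proto != proto or sig.dst_port not in ("any", str(dst_port)):
        return False
    hay = payload.lower() if sig.nocase else payload
    return all((c.lower() if sig.nocase else c) in hay for c in sig.contents)

def inspect(packets, rules=RULES):
    """Return (sid, msg) alerts for every packet/signature pair that matches."""
    sigs = [parse_rule(r) for r in rules]
    return [(s.sid, s.msg) for p in packets for s in sigs if matches(s, *p)]
```

Production engines avoid this per-rule linear scan by compiling all patterns into a multi-pattern matcher and by reassembling streams before inspection.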
