On 8/23/06, Mike Poor <[EMAIL PROTECTED]> wrote:
Daniel et al,
has any work been done to map out alert/rule/threat/attack taxonomies for
ossec? I'm thinking something similar to what we have in the top (ok, no
flames here) SIMs today?
Personally, I think this work has only started to be done on the snort rule
set (you could use the classification field as a start).
Anyhow, hope all is well with you and yours,
Mike Poor
