On Fri, Mar 25, 2011 at 2:36 AM, Kay <[email protected]> wrote:
> I have taken a look at the UMPA, it's really a good work =) I think you mean
> that I can use it to sniff packets and analyze the captured packets to
> detect intrusion.

I'm an original author of the UMPA. If you have any questions about the library, don't hesitate to ask here or privately.

> I am not quite familiar with statistical analysis. What I have been focused
> on is the multi-core architecture and how to accelerate network processing
> on it. I'd like to know exactly what functions a personal NIDS should have
> so that I can evaluate if I have the ability to work on this project.
> Port-scan detection, DDoS detection, or something else?

There are hundreds (ok, I have never counted them) of ideas about DDoS detection/prevention. Most of them are theoretical. Years ago I implemented some and got great results. I'm seeing it as a good idea to prepare one big DDoS tool. However, the problem is, most of the ideas are related to Linux kernel patches etc. Not sure how much you would like to hack a kernel. Also, how much it would be valuable in real life.

bart.

_______________________________________________
Umit-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/umit-devel
