On Tue, Mar 29, 2011 at 3:10 PM, Kay <[email protected]> wrote: > Thanks for your suggestion. Yep, I know there are many types of DDoS attack,
I was talking about many types of detection. But you are right, there are many types of attack either. > Since you have experience in this area, what's your opinion? If you have > more information about this and the kernel part in a DDoS attack, please > send me some links. Thanks. I have been hacking into Linux kernel to improve > the receiving speed recently. > It's nice to have your help =) Firstly, I think you should focus on detection and prevention instead of attack. Check IEEE (you are a student so you have a free access there for sure), there are a lot of articles. > --Kay > > > On Tue, Mar 29, 2011 at 9:00 AM, Bartosz SKOWRON <[email protected]> wrote: >> >> On Fri, Mar 25, 2011 at 2:36 AM, Kay <[email protected]> wrote: >> >> > I have took a look at the UMPA, it's really a good work =) I think you >> > mean >> > that I can use it to sniff packets and analysis the captured packets to >> > detect intrusion. >> >> I'm an original author of the UMPA. If you have any questions about >> the library don't hastite to ask here or privately. >> >> > I am not quite familiar with statistical analysis. What I have been >> > focused >> > on is the multi-core architecture and how to accelerate network >> > processing >> > on it. I'd like to know exactly what functions should have in a personal >> > NIDS so that I can evaluate if I have the ability to work on this >> > project. >> > Port-scan detection, DDoS detection, or something else? >> >> There are hundrends (ok, i have never counted it) ideas about DDoS >> detection/prevention. Most of them are theoretical. Years ago I >> implemented some and got great results. I'm seeing it as a good idea >> to prepare one-big DDoS tool. However, the problem is, most of the >> ideas are related to Linux kernel patches etc. Not sure how much you >> would like to hack a kernel. Also, how much it would be valuable in a >> real life. >> >> bart. > > ------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar _______________________________________________ Umit-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/umit-devel
