[ISN] AAFID released by COAST

From: mea culpa (jerichot_private)
Date: Sun Oct 04 1998 - 18:36:16 PDT

    Forwarded From: zambonit_private, spaft_private
    
    ----------------------------------------------------------------------
    	      The COAST Laboratory at Purdue University
    		  announces the alpha release of the
    			     AAFID system
    ----------------------------------------------------------------------
    
    The COAST laboratory, a part of the CERIAS Center at Purdue
    University, is proud to announce the availability of the first public
    release of the AAFID (Autonomous Agents for Intrusion Detection)
    system.
    
    AAFID is a distributed monitoring and intrusion detection system that
    employs small stand-alone programs (Agents) to perform monitoring
    functions in the hosts of a network. AAFID uses a hierarchical
    structure to collect the information produced by each agent, by each
    host, and by each set of hosts, so as to be able to detect suspicious
    activity. It is important to note that AAFID is not by itself a
    network-based intrusion detection system. It provides the
    infrastructure for distributing monitoring tasks over many hosts. Some
    agents may implement network monitoring functions, while others may
    implement host monitoring functions.
    
    This is the first public release of the AAFID prototype. It is
    completely implemented in Perl 5, which makes it easier to run on
    different platforms.
    
    This distribution includes:
    
    - Base classes for Monitors, Transceivers and Agents (Monitors and
      Transceivers are the top-level entities that oversee the operation
      of agents on a per-host and per-hostset basis -- this is explained
      in detail in the documentation).
    
    - A number of working Agents that perform different functions, and
      that allow you to run the system out-of-the-box.
    
    - A code generation tool that makes it easy to develop new agents, as
      well as documentation on how to use it.
    
    - A graphical interface to the system.
    
    - Documentation for the architecture, as well as for this
      implementation.
    
    We encourage interested parties to download the software, use it, and
    provide any feedback that you consider appropriate. In particular, we
    are interested in the following:
    
    - Success or failure stories about getting the system to run on
      different architectures, operating systems, and networks.
    
    - New agents that you develop and that may be of interest to other
      people.
    
    - New filters for different types of data.
    
    - Bug reports and fixes.
    
    - Suggestions for new features.
    
    - Comments on the documentation.
    
    - In general, any kind of feedback!
    
    The feedback we receive will be used to shape the next generation of
    tools based on the AAFID architecture. The current release works only
    on Unix systems, but we are planning a future release that will also
    run on Windows NT.
    
    We invite you to visit our WWW page for more information:
    	http://www.cs.purdue.edu/coast/projects/autonomous-agents.html
    or our FTP site to download the software:
    	ftp://coast.cs.purdue.edu/pub/COAST/tools/AAFID/
    
    Please send any questions and feedback to
    aafid-feedbackt_private
    
    Enjoy,
    --
    Eugene Spafford & Diego Zamboni
    spaft_private, zambonit_private
    