-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Having seen the paper and the tool, you want to attend this talk. It should be very cool. t On Mon, 07 Jun 2004 14:50:56 -0700 Andrew Plato <aplato@private> wrote: >Ourmon is a statistical network monitor. Looks at packets, computes >statistics, keys on statistical values. > >Snort is a intrusion detection system. Looks at packets, compares >them >to known vulnerabilities/exploits, keys on signatures and protocol >anomalies. > >Ourmon is more synonymous a "flow-based IDS" There are some intrusion >prevention products built around flow-analysis, such as TippingPoint's >UnityOne and TopLayer AttackMitigator. However, these products usually >augment their flow analysis with signatures and higher-level filters >as >well. > > >___________________________________ >Andrew Plato, CISSP >President/Principal Consultant >ANITIAN ENTERPRISE SECURITY > >3800 SW Cedar Hills Blvd, Suite 298 >Beaverton, OR 97005 >503-644-5656 Office >503-214-8069 Fax >503-201-0821 Mobile >www.anitian.com >___________________________________ > >GPG fingerprint: 16E6 C5B0 B6CB F287 776E E9A9 AF47 9914 3582 633D >GPG public key available at: http://www.anitian.com/corp/keys.htm >> >> >-----Original Message----- >From: owner-crime@private [mailto:owner-crime@private] On >Behalf >Of Mark Allyn >Sent: June 07, 2004 1:53 PM >To: alan >Cc: George Heuston; crime@private >Subject: Re: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ >Zoo >Conf Rooms > > >All kidding aside; I thought that snort was the biggie for open >source >network monitoring. > >Mark "I have gone to great lengths to expand my threshold of pain" - -Tool -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkDFCzQACgkQgmQPhCwzFyDoSQCguXZ6+2ozaPdLCV3TgjAEX/C7y74A oKKkZA6tDpayuNXyvRtG0AweRGkG =Vw6B -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Mon Jun 07 2004 - 18:03:53 PDT