RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms

From: toby (tobyhush@private)
Date: Mon Jun 07 2004 - 17:41:23 PDT

  • Next message: Jay Swofford: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    Having seen the paper and the tool, you want to attend this talk. It
    should be very cool.
    
    t
    
    On Mon, 07 Jun 2004 14:50:56 -0700 Andrew Plato <aplato@private>
    wrote:
    >Ourmon is a statistical network monitor. Looks at packets, computes
    >statistics, keys on statistical values.
    >
    >Snort is a intrusion detection system. Looks at packets, compares
    >them
    >to known vulnerabilities/exploits, keys on signatures and protocol
    >anomalies.
    >
    >Ourmon is more synonymous a "flow-based IDS"  There are some intrusion
    >prevention products built around flow-analysis, such as TippingPoint's
    >UnityOne and TopLayer AttackMitigator. However, these products usually
    >augment their flow analysis with signatures and higher-level filters
    >as
    >well.
    >
    >
    >___________________________________
    >Andrew Plato, CISSP
    >President/Principal Consultant
    >ANITIAN  ENTERPRISE  SECURITY
    >
    >3800 SW Cedar Hills Blvd, Suite 298
    >Beaverton, OR 97005
    >503-644-5656 Office
    >503-214-8069 Fax
    >503-201-0821 Mobile
    >www.anitian.com
    >___________________________________
    >
    >GPG fingerprint: 16E6 C5B0 B6CB F287 776E E9A9 AF47 9914 3582 633D
    >GPG public key available at: http://www.anitian.com/corp/keys.htm
    >>
    >>
    >-----Original Message-----
    >From: owner-crime@private [mailto:owner-crime@private] On
    >Behalf
    >Of Mark Allyn
    >Sent: June 07, 2004 1:53 PM
    >To: alan
    >Cc: George Heuston; crime@private
    >Subject: Re: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @
    >Zoo
    >Conf Rooms
    >
    >
    >All kidding aside; I thought that snort was the biggie for open
    >source
    >network monitoring.
    >
    >Mark
    
    "I have gone to great lengths to expand my threshold of pain"
    - -Tool
    -----BEGIN PGP SIGNATURE-----
    Note: This signature can be verified at https://www.hushtools.com/verify
    Version: Hush 2.4
    
    wkYEARECAAYFAkDFCzQACgkQgmQPhCwzFyDoSQCguXZ6+2ozaPdLCV3TgjAEX/C7y74A
    oKKkZA6tDpayuNXyvRtG0AweRGkG
    =Vw6B
    -----END PGP SIGNATURE-----
    



    This archive was generated by hypermail 2b30 : Mon Jun 07 2004 - 18:03:53 PDT