RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms

From: Jay Swofford (JSwofford@private)
Date: Tue Jun 08 2004 - 09:50:52 PDT

Next message: Andrew Plato: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"

Previous message: toby: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Maybe in reply to: George Heuston: "FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Next in thread: Andrew Plato: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I won't be able to attend the meeting.  How does this tool compare to
Shadow?

Jay 

-----Original Message-----
From: owner-crime@private [mailto:owner-crime@private] On Behalf
Of toby
Sent: Monday, June 07, 2004 5:41 PM
To: crime@private; aplato@private
Subject: RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo
Conf Rooms

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Having seen the paper and the tool, you want to attend this talk. It
should be very cool.

t

On Mon, 07 Jun 2004 14:50:56 -0700 Andrew Plato <aplato@private>
wrote:
>Ourmon is a statistical network monitor. Looks at packets, computes 
>statistics, keys on statistical values.
>
>Snort is a intrusion detection system. Looks at packets, compares them 
>to known vulnerabilities/exploits, keys on signatures and protocol 
>anomalies.
>
>Ourmon is more synonymous a "flow-based IDS"  There are some intrusion 
>prevention products built around flow-analysis, such as TippingPoint's 
>UnityOne and TopLayer AttackMitigator. However, these products usually 
>augment their flow analysis with signatures and higher-level filters as

>well.
>
>
>___________________________________
>Andrew Plato, CISSP
>President/Principal Consultant
>ANITIAN  ENTERPRISE  SECURITY
>
>3800 SW Cedar Hills Blvd, Suite 298
>Beaverton, OR 97005
>503-644-5656 Office
>503-214-8069 Fax
>503-201-0821 Mobile
>www.anitian.com
>___________________________________
>
>GPG fingerprint: 16E6 C5B0 B6CB F287 776E E9A9 AF47 9914 3582 633D GPG 
>public key available at: http://www.anitian.com/corp/keys.htm
>>
>>
>-----Original Message-----
>From: owner-crime@private [mailto:owner-crime@private] On Behalf 
>Of Mark Allyn
>Sent: June 07, 2004 1:53 PM
>To: alan
>Cc: George Heuston; crime@private
>Subject: Re: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo 
>Conf Rooms
>
>
>All kidding aside; I thought that snort was the biggie for open source 
>network monitoring.
>
>Mark

"I have gone to great lengths to expand my threshold of pain"
- -Tool
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkDFCzQACgkQgmQPhCwzFyDoSQCguXZ6+2ozaPdLCV3TgjAEX/C7y74A
oKKkZA6tDpayuNXyvRtG0AweRGkG
=Vw6B
-----END PGP SIGNATURE-----

Next message: Andrew Plato: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Previous message: toby: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Maybe in reply to: George Heuston: "FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Next in thread: Andrew Plato: "RE: FW: 2nd Call--CRIME Meeting 8 June 2004, 10-Noon, @ Zoo Conf Rooms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 08 2004 - 10:34:51 PDT