[Discussion] Submitted Ideas
Matt Jonkman
jonkman at jonkmans.com
Thu Feb 5 16:43:19 UTC 2009
I'll divide these up into some separate emails and we can discuss....
Victor Julien wrote:
> Same here, for all of them though, except the alert message substitution
> and on the fly rule updates...
>
> It all sounds very interesting... if I only knew what it meant ;-)
>
> Regards,
> Victor
>
> Martin Holste wrote:
>> Those last two need quite a bit of explanation (at least for me)...
>>
>> On Wed, Feb 4, 2009 at 1:33 PM, Matt Jonkman <jonkman at jonkmans.com> wrote:
>>
>> Martin Fong of SRI sent in a list of some very good ideas. I'll post
>> them below and let's discuss a bit. I'm sure Martin can add to it as
>> we go.
>>
>>
>> - Content-based alert message substitution
>> - Non-combinatoric IP/port lists
>> - Cooperative event loops (e.g., libevent) to support asynch I/O
>> - On-the-fly rule updates without state loss
>> - Configuration file conditional preprocessor
>> - Variable blackboards
>> - Non-tokenized preprocessor parameter lines
>>
>> Thanks Martin!
>>
>> Matt
>>
>> --
>> --------------------------------------------
>> Matthew Jonkman
>> Emerging Threats
>> Phone 765-429-0398
>> Fax 312-264-0205
>> http://www.emergingthreats.net
>> --------------------------------------------
>>
>> PGP: http://www.jonkmans.com/mattjonkman.asc
>>
>>
>> _______________________________________________
>> Discussion mailing list
>> Discussion at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/discussion
>>
>
>
--
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------
PGP: http://www.jonkmans.com/mattjonkman.asc