[Discussion] a few ideas

• Previous message (by thread): [Discussion] a few ideas
• Next message (by thread): [Discussion] a few ideas
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward Bjarte Fjellskål wrote:
> I want to take this one step further, and try to do this automatic... Im
> working on a little perl daemon, to sniff the traffic, and detect OS and
> Services running on my network. Hopefully, in the future, this could be
> used to
> automatically help in the "auto categorization" of events... in sguil or
> other IDS gui...
> ( http://www.gamelinux.org/?p=43  and  http://gamelinux.github.com/prads/ )

I'm still a bit torn on whether we should have the engine itself do the
detection of this information or if we should enable the engine to be
fed this info by external programs like your prads.

Thoughts anyone?

Regards,
Victor

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

• Previous message (by thread): [Discussion] a few ideas
• Next message (by thread): [Discussion] a few ideas
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]