[Oisf-devel] Question about the Detection possibilities Suricata

Vasily A. Sartakov sartakov at ksyslabs.org
Mon Mar 30 11:56:11 UTC 2015


> On 30 March 2015, at 14:17, Nick de Bruijn <nick_hyves at hotmail.com> wrote:
> 
> Dear oisf-devel,
> 
> I was wondering if you could help me to find the answer to my question.
> 
> I'm wondering if there are any possibilities (or plug-ins), for Suricata to scan on network behavior to detect attacks (anomaly based scanning).

If you are talking about machine learning, statistics, behavior, etc.: no, Suricata cannot detect this kind of anomaly.

> Or is Suricata bound to signatures / rules (misuse-based scanning)?

signatures/rules/specifications


> You would help me very much by answering this question.
> 
> Kind regards,
> Nick

--
Vasily A. Sartakov
sartakov at ksyslabs.org



