[Oisf-devel] Question about the Detection possibilities Suricata
Vasily A. Sartakov
sartakov at ksyslabs.org
Mon Mar 30 11:56:11 UTC 2015
> On 30 March 2015, at 14:17, Nick de Bruijn <nick_hyves at hotmail.com> wrote:
>
> Dear oisf-devel,
>
> I was wondering if you could help me to find the answer to my question.
>
> I'm wondering if there are any possibilities (or plug-ins), for Suricata to scan on network behavior to detect attacks (anomaly based scanning).

If you are talking about machine learning, statistics, behavior, etc. - no, Suricata cannot detect this kind of anomaly.

> Or is Suricata bound to Signatures / rules (misuse based scanning).

signatures/rules/specifications

> You would very much help me to answer this question.
>
> Kind regards,
> Nick
--
Vasily A. Sartakov
sartakov at ksyslabs.org