Fév 21, 2002
504 Vues
0 0

Network Intrusion Detection Signatures

Ecrit par

This is the first in a series of articles on understanding and developing signatures for network intrusion detection systems. In this article we will discuss the basics of network IDS signatures and then take a closer look at signatures that focus on IP, TCP, UDP and ICMP header values. Such signatures ignore packet payloads and instead look for certain header field values or combinations of values. By learning about network IDS signatures, you’ll have more knowledge of how intrusion detection systems operate, and you’ll have a better foundation to write your own IDS signatures.



Network Intrusion Detection Signatures, Part One


Network Intrusion Detection Signatures, Part Two

Network Intrusion Detection Signatures, Part Three

Catégorie:
News

Laissez un commentaire

Menu Title