Re: Re[2]: so, shall we get started?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Todd Glassey - Lan Systems Administrator : "Re: For those that have just joined"
• Previous message: Teresa Lunt: "Re: so, shall we get started?"
• Maybe in reply to: adamsb@un.org: "Re[2]: so, shall we get started?"

	I have some knowledge of SRI's NIDES product.

	It generates for you, profiles of normal behavior so that you
can monitor real-time or long term for deviation from normal behavior.
(Note, deviation from normal behavior is not always and intrusion or
abusive, just not the normal behavior for the subject.)

	It supports an expert system with a rulebase editor that allows
you to define specific intrusion scenarios (i.e. the specific
"no-no's"). The ES capability monitors enforcement of your specific
site security policy.

JT

========================================================================
Some of the people who will speak at the one day SRI presentation have a
lot of first hand experience with intrusion detection.  I talked my boss
into attending, because we are essentially clueless in this area, even
though we met a couple of the people who will speak.

                                                        Hog Farmer

• Next message: Todd Glassey - Lan Systems Administrator : "Re: For those that have just joined"
• Previous message: Teresa Lunt: "Re: so, shall we get started?"
• Maybe in reply to: adamsb@un.org: "Re[2]: so, shall we get started?"