Re: RFC: Intrusion Scenario archive/repository
DONALD DAY (DDAY@EMAIL.USPS.GOV)
30 Nov 1994 12:18:12 GMT
JIM,
This sounds good to me. But I work for the USPS, so what do I know?
Donald M Day
NISSC-USPS
Raleigh NC
dday@email.usps.gov
ADP Security Specialist
(only one here**so I am the Lone Security Ranger)
______________________________ Reply Separator _________________________________
Subject: RFC: Intrusion Scenario archive/repository
Author: _ids (SMTP.IDS) at SSWGATE
Date: 11/30/94 12:08 PM
Good Morning to All,
I am curious to get comments (good or bad) regarding the
desirability/feasibility of establishing an Intrusion Scenario
archive/repository.
IMHO the first step in developing any type of intrusion
detection package is knowing what to look for i.e. knowing what an
intrusion looks like.
Would it be worth the effort to create a central repository of
intrusion scenarios (descriptions)? Entries in the archive would
conform to a standard format (information content) to facilitate
searching/analysis.
This archive would benefit those developing ID systems. It
would benefit system administrators by allowing them to search out
intrusion scenarios applicable to their particular system/operating environment.
Thanks
Jim Truitt
PS I realize that some people will consider such an archive to be
a primer on intruding, but I think the possible benefits outway this side
effect.