Re: RFC: Intrusion Scenario archive/repository

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Jim Truitt: "Re: RFC: Intrusion Scenario archive/repository"
• Previous message: tlunt@ARPA.MIL: "Re: RFC: Intrusion Scenario archive/repository"
• Maybe in reply to: Jim Truitt: "RFC: Intrusion Scenario archive/repository"
• Next in thread: Jim Truitt: "Re: RFC: Intrusion Scenario archive/repository"

Hi all,

At  9:29 Uhr 30.11.1994 -0500, Jim Truitt wrote:
>Good Morning to All,
>
>        I am curious to get comments (good or bad) regarding the
>desirability/feasibility of establishing an Intrusion Scenario
>archive/repository.
>
>        IMHO the first step in developing any type of intrusion
>detection package is knowing what to look for i.e. knowing what an
>intrusion looks like.
>
>        Would it be worth the effort to create a central repository of
>intrusion scenarios (descriptions)? Entries in the archive would
>conform to a standard format (information content) to facilitate
>searching/analysis.
>
>        This archive would benefit those developing ID systems. It
>would benefit system administrators by allowing them to search out
>intrusion scenarios applicable to their particular system/operating
>environment.
>

I think this would be a good idea, but I doubt that contributions
especially from the commercial world would come in in masses. Too much
politics and PR involved here.



Josch


--
Am Tiergarten 22            Tel.: +49/69/4990880
D-60316 Frankfurt           Fax : +49/6103/383-157

Germany                     privat: maass@thinkfish.rhein-main.de
                            biz.:   Joerg.Maass@frs.mts.dec.com

PGP signature available upon request.

• Next message: Jim Truitt: "Re: RFC: Intrusion Scenario archive/repository"
• Previous message: tlunt@ARPA.MIL: "Re: RFC: Intrusion Scenario archive/repository"
• Maybe in reply to: Jim Truitt: "RFC: Intrusion Scenario archive/repository"
• Next in thread: Jim Truitt: "Re: RFC: Intrusion Scenario archive/repository"