Hi all, At 9:29 Uhr 30.11.1994 -0500, Jim Truitt wrote: >Good Morning to All, > > I am curious to get comments (good or bad) regarding the >desirability/feasibility of establishing an Intrusion Scenario >archive/repository. > > IMHO the first step in developing any type of intrusion >detection package is knowing what to look for i.e. knowing what an >intrusion looks like. > > Would it be worth the effort to create a central repository of >intrusion scenarios (descriptions)? Entries in the archive would >conform to a standard format (information content) to facilitate >searching/analysis. > > This archive would benefit those developing ID systems. It >would benefit system administrators by allowing them to search out >intrusion scenarios applicable to their particular system/operating >environment. > I think this would be a good idea, but I doubt that contributions especially from the commercial world would come in in masses. Too much politics and PR involved here. Josch -- Am Tiergarten 22 Tel.: +49/69/4990880 D-60316 Frankfurt Fax : +49/6103/383-157 Germany privat: maass@thinkfish.rhein-main.de biz.: Joerg.Maass@frs.mts.dec.com PGP signature available upon request.