FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems.. Then email questions to ids-owner@uow.edu.au
NOTE: You MUST remove this line from reply messages as it will be filtered.
SPAM: DO NOT send unsolicited mail to this list.
USUB: email "unsubscribe ids" to majordomo@uow.edu.au
---------------------------------------------------------------------------
> I suggest you look at the following for traffic-analysis systems:
>
> Onion Routing (http://www.onion-router.net/ -- okay, so this is a
> shameless plug for my research :-). This system is free and the code
> is about to be released Open-Source. We support Linux as one of our
> primary development platforms.

If I understand your website correctly, the onion project is about
defeating traffic-analysis. I, on the other hand, wish to expand my
traffic-analysis capabilities.

I've been building my own experimental code, using pcap (tcpdump) and
python for my initial datapipe and mysql for offline storage and
analysis. Real-time processing power is not really an issue at this
point.

My first application area will be optimizing my client's NT-based wan,
which connects about 60 lans to their corporate headquarters over 56k
isdn lines. After installing a linux fileserver/router the CIO was
somewhat amazed to see how easily I could track down and pinpoint a
number of sources of extraneous traffic, which were causing massive
cost-overruns on their telco budgets by triggering loads of
long-distance calls on their isdn-stack.

Intrusion detection will however become a prime concern once they
connect this wan to the internet via a T1 sometime next summer. They
don't realize this yet, but I do all the more so ;-)

--
________________________________________________________________
Paul Stevens                                  mailto:paul@nfg.nl
NET FACILITIES GROUP                     PGP: finger paul@nfg.nl
The Netherlands________________________________http://www.nfg.nl
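
The pcap-to-database pipeline described in the post above, as an added example that is not the poster's own code: it parses a classic pcap capture in Python, loads one row per IPv4 packet into SQL and ranks source addresses by bytes sent, which is the query that surfaces sources of extraneous traffic. Assumptions: sqlite3 stands in for MySQL so it runs offline, and the capture bytes, addresses, table layout and function names are constructed for illustration.

```python
import sqlite3
import struct

def build_sample_pcap():
    """Constructed capture: pcap global header plus three Ethernet/IPv4 frames."""
    def frame(src, dst, payload_len):
        eth = b"\x00" * 12 + b"\x08\x00"  # zeroed MACs, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                         64, 17, 0, bytes(src), bytes(dst))
        return eth + ip + b"\x00" * payload_len
    frames = [frame((10, 0, 1, 5), (10, 0, 0, 1), 100),
              frame((10, 0, 1, 5), (10, 0, 0, 1), 300),
              frame((10, 0, 2, 9), (10, 0, 0, 1), 40)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1: Ethernet
    for ts, f in enumerate(frames):
        out += struct.pack("<IIII", ts, 0, len(f), len(f)) + f
    return out

def parse_pcap(data):
    """Yield (ts, src, dst, ip_total_length) for every IPv4 frame in a pcap file."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("unsupported pcap magic or truncated header")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    off = 24
    while off + 16 <= len(data):
        ts, _, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # truncated by snaplen, or not IPv4
        total_len = struct.unpack("!H", pkt[16:18])[0]
        yield (ts, ".".join(map(str, pkt[26:30])),
               ".".join(map(str, pkt[30:34])), total_len)

def top_talkers(data):
    """Load packet rows into SQL and rank source addresses by bytes sent."""
    db = sqlite3.connect(":memory:")  # sqlite3 stands in for the MySQL store
    db.execute("CREATE TABLE pkt (ts INTEGER, src TEXT, dst TEXT, bytes INTEGER)")
    db.executemany("INSERT INTO pkt VALUES (?, ?, ?, ?)", parse_pcap(data))
    return db.execute("SELECT src, COUNT(*), SUM(bytes) FROM pkt "
                      "GROUP BY src ORDER BY SUM(bytes) DESC").fetchall()

if __name__ == "__main__":
    for src, packets, nbytes in top_talkers(build_sample_pcap()):
        print(f"{src:15} {packets:4d} packets {nbytes:8d} bytes")
```

To run it against a real capture written by `tcpdump -w`, pass the file's bytes to `top_talkers` in place of the constructed sample.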