[Bro] Baselining: The foundation of Specification Based IDS

CS Lee geek00l at gmail.com
Sat Nov 10 23:08:54 PST 2007

Hi all,

I like the idea of specification-based IDS, and since Vern has mentioned
it, I would like to gather ideas or suggestions from anyone who has
done network baselining for their network: what are the tools and
methodologies used by people around here to build the baseline of their
network, and what kind of data is important for that matter (for example, I
myself prefer to use statistical and flow-based tools to do that)? However, I
would really like to hear from the Bro community.

I know it should be different when applied to different networks, but
getting the idea is great.


Best Regards,

CS Lee<geekooL[at]gmail.com>
