

Network-based Intrusion Detection & Prevention

Content Leader: Jess Garcia - Last Updated: January 17, 2007



Field Notes

The notes below are meant to help you in your daily traffic analysis. They cover the information you most commonly need in real-life operations, but they are not meant to be a complete reference. A best effort is made to keep them as accurate and up to date as possible.



Signature Development

  • Tools for helping in the development of signatures:
    • Universal Pattern Searcher - Looks for common patterns in different datasets
    • Worminator - Win32 tool that eases and automates the creation of IDS/IPS signatures for SMTP-based worms. It provides a comfortable GUI and includes raw base64 variants and Snort signature support.


  • Other Useful Resources:
  • Capture Files Repositories:

Copyright © 2000-2008 Jessland - Jess Garcia's Website - All rights reserved.