Sorry for piping in late. If it is a new IDS project that you want to start, have you considered working on a Host-based IPS? There is a lot of potential in this field.
If your interests are limited to Network-based security systems, then others on the list have already said what needs to be said. ~Z On 16 Oct 2007 12:13:56 -0000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Hi > > > Recently i'm working on a new IDS project. > > As a matter a fact at the moment i'm stuck in a point where i'm supposted to > decide few very important things : > > > 1) Which language?? C/C++ with its > > already implemented projects (Snort, ModSecurity), Java with its > multiplatform option? > > > 2) Should I just take a project and try to build a new one on top of it? > Snort fe ? Has anybody done that before? Any suggestions? > > > 3) How is network IDS analizing network activity when almost every package > nowadays is encrypted? > > > 4) I'm thinking about encrypting IDS messages/alerts-packages as well? What > cipher should i use? > > > I dont want to "go in a wrong direction" from the start so please help ;] > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to > http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw > to learn more. > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
