[unisog] An help for a thesis

Michael Anderson mca at arlut.utexas.edu
Wed Nov 17 21:45:59 GMT 2004

Have you taken a look at Argus? It might do some of what you want.

mmunaret at studenti.math.unipd.it wrote:

>Hi y'all, I am doing research for a thesis in intrusion detector learning but
>I have some problems sniffing a proper net.
>I am using a tcpdump log file to extrapolate some features that I need, like the
>length of the connection, the protocol type, the service and so on, but I need to
>have other information like:
>"wrong fragment", urgent, connections that have SYN/REJ errors and so on.
>Just for an example, features written here:
>are ones that I use.
>Thank you so much for your contribution even if it is not fully a security issue.
>Matteo Munaretto
>University of Padova - Italy
>Computer Science Dept.
>Mail sent from: http://www.studenti.math.unipd.it
>Dipartimento di Matematica Pura ed Applicata
>Universita' degli Studi di Padova