Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 1636 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

using snort as Anamoly Based IDS

bilal_jan
Hello everyone
I am doing my final year project in wh i have to configure snort to work as a  anamoly based IDS for wireless Ad-hoc networks.
I am struck at a point and i cant go further unless i solved this problem.
The qurey is that i have made snort to log packets to MS SQL server 2005 and i want to use "statistical anomaly detection technique" in which i have to draw a baseline behaviour and traffic that deviats from this normal behaiour will be declared as anamoly.
i am struck with this i dont know how to begin with.i am using SNORT IDS to track anamolies.
can anyoe please tell me how to use SNORT to work like this.
My instructor has referred me to this forum, as our university is using astaro firewall and astaro is using SNORT so i am hopeful here.
Best regards
Ahmed Bilal Jan


This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to bilal_jan
    What you have asked is too general.  Maybe you can start by pretending that you have finished everything: write a one-paragraph summary conclusion.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Cookie Information Banner