OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: NIDS: Current research and future directions
From: João Abrantes (j.m.abrantesmail.telepac.pt)
Date: Sat Dec 02 2000 - 16:45:26 CST

Archive: http://msgs.securepoint.com/ids
FAQ IDS: http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
FAQ NIDS: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
-----------------------------------------------------------------------------
Hi!

        I´m a newbie in this matters but i´ve been reading some articles and papers
about NIDS. I´m interested in doing some research on the subject and i´d
like someone to guide me through. What´s the current development problems?
What is the current area of reseach?
        I´ve seen a paper on NFR's home site talking about data visualization and
it´s importance. Since that´s a subject i have always been interested is it
worth to do some research on that? Is there someone else doing research on
that subject also?

        Thanks in advance,
                Joao Abrantes

PS: From what i was able to gather so far i think NIDS should be included in
firewall software since it´s the natural complement for that kind of
software. I think most firewall vendors have some kind of NIDS add-on but
the only one I have seen with NIDS capacity right out of the box is
Microsoft ISA Server (although it´s NIDS capacity is rather small and I
think it is only based on simple string matching for attack's fingerprints).
Am i correct in this?