EmergingThreats> Main Web>OpenInfosec>PorstcanDDoSWG (2009-07-28, MattJonkman) EditAttach

Portscan and DDoS? Working Group

This group has a mailing list for discussion here: http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-wg-portscan

The goal of this working group is to make recommendations regarding two major subjects:

  • Is traditional portscan detection functionality useful enough to be reimplemented in the OISF engine?
  • If above true what methods might make this more effective than currently available?

  • Is a DDoS? detection module feasible and necessary? (i.e. to detect both incoming and outgoing DDoS? traffic using statistical and behavioral analysis)
  • If so how?

This group should come to recommendations on these subject by August 12 2009.

Breno Silva (breno.silva@gmail.com) is the group lead. He will be responsible for sparking and steering the discussion as well as summarizing the recommendations of the group.

-- MattJonkman - 28 Jul 2009

Edit | Attach | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2009-07-28 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats