Ask HN: Known Attacks for Network Intrusion Detection System
SANS.org paper on NIDS says the following "performs an analysis for a passing traffic on the entire subnet. Works in a promiscuous mode, and matches the traffic that is passed on the subnets to the library of knows attacks"
Is there any public list of such known attacks ? Also, are there any reliable open source software in Linux that can do NIDS ?
1 comment
[ 4.2 ms ] story [ 16.1 ms ] threadBro: https://en.wikipedia.org/wiki/Bro_(software)
There are "signatures" just like with anti-virus software.