traffic intrusion packets
Improving the Performance of Passive Network Monitoring Applications Using Locality Buffering
White Paper The approach, called locality buffering, reorders the captured packets by clustering packets with the same destination port, before they are delivered to the monitoring application, resulting to improved... [04 Mar 2008]
On the Design and Use of Internet Sinks for Network Abuse Monitoring
White Paper In contrast to traditional intrusion detection systems or firewalls, iSink includes an active component that generates response packets to incoming traffic. Monitoring unused or dark IP... [09 Jan 2008]
Target-Based TCP Stream Reassembly
White Paper This flaw exists in several layers of evaluation and processing of the packets including the IP, TCP, and application layers. The authors revealed that intrusion detection systems cannot be effective and... [27 Dec 2007]
Passive Operating System Identification From TCP/IP Packet Headers
White Paper The most recent open-source passive OS identification tool (ettercap) rejects 70% of all packets and has a high 75-class error rate of 30% for non-rejected packets on unseen test data. Nearest neighbor... [07 Nov 2007]
SIFT: Snort Intrusion Filter for TCP
White Paper SIFT selectively forwards IP packets that contain questionable headers or defined signatures to a PC where complete rule processing is performed. High-level intrusion rules mapped directly into hardware... [31 Oct 2007]
Cisco plugs DoS hole
News The security flaws could allow attackers to send a few small packets through the routers to shut down the network in a DoS attack, said Johannes Ullrich, chief research officer for the Sans Institute, which issued a... [25 May 2007]
The dos and don'ts of VoIP security
Comment Additional tools that will help networks in case of any attack are intrusion detection and prevention systems, which scan for rogue incoming packets, and straightforward antivirus software which can help... [04 Apr 2007]
DiscountASP.NET Wards Off DoS Threats & 10 Million Online Attacks With TippingPoint Protecting Its Customers
White Paper The attack flooded the site's server with unwanted packets, against which the firewalls were ineffective. To thwart the attacks, DiscountASP.NET contacted vendors of intrusion prevention and DoS... [20 Oct 2006]
Cracked: The Great Firewall of China
News The Cambridge research group tested the firewall by firing data packets containing the word "Falun" at it, a reference to the banned Falun Gong religious group. Richard Clayton of the University of Cambridge computer... [04 Jul 2006]
VoIP: Don't forget about security
Comment I'm waiting to see the security tool which is a network packet sniffer that reassembles packets on the fly," Murray says. Before the overhaul, the company's network was badly hit by the Blaster worm, which flooded... [09 Aug 2005]
Analysis: The network is the security
Comment Network devices will have the ability to tear apart packets, block malicious code, enforce policies and filter content up and down the OSI (Open Systems Interconnection) stack. This means that the network will perform... [14 Jul 2004]
Cisco battles Juniper with worms
News Platon said the company is working on a product that sits in line with the traffic, looking at the content of the packets. A new element in the updated IOS is improved protection against denial of... [10 Mar 2004]
Pretend Or Prevent? No Matter What It's Called, If a Network Security System Doesn't Shoot First and Ask Questions Later, It Doesn't Qualify As Intrusion Prevention
White Paper To qualify as true intrusion prevention, the system must use an in-line appliance to inspect traffic at the packet level and drop offending packets before they reach the victim.... [25 Feb 2004]
Towards Trapping Wily Intruders in the Large
White Paper In the network context these signals may be seen in the TCP-RESET packets and the ICMP echo-response or destination/port unreachable packets. Analysis of network traffic has shown that the profiles of such... [25 Feb 2004]
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
White Paper We then present norm, a publicly available user-level implementation of a normalizer that can normalize a TCP traffic stream at 100,000 pkts/sec in memory-to-memory copies, suggesting that a kernel implementation using... [25 Feb 2004]
