Argus 2.0 features
Carter Bullard
carter at qosient.com
Wed Jul 12 07:35:59 EDT 2000
Hey Russell,
Since I'm basically restructuring the guts of
Argus, we can do anything we want, so I wouldn't
limit the wish list in anyway. Of course reality
will set in at some point, but at this stage we
should try to find out what might be the right thing
to do.
Yes, you are absolutely right that we need to
validate that we are counting everything. I
believe that we're cool here, but the validation
is important!
Do we have packet captures of any of the attack
scenarios that you mentioned? nmap, xmas, etc....
The CIDF trial data was good data for Argus,
but I haven't seen anything from those guys
in a while. Are they still at it?
Carter
More information about the argus
mailing list