[nsp-sec] Pre-classified netflow samples
Sebastian Abt
sa at rh-tec.de
Tue Sep 2 16:47:38 EDT 2008
* Smith, Donald wrote:
> Flow-dscan from flow tools provides some ddos and scanning recognition
> abilities.
>
> I have written some flow-nfilter and flow-filter acl's but most of
> those have been fairly specific with host and port numbers based on
> reports here or on another list.
Thanks, this is an idea I haven't thought about yet.. However, I'm more
looking for data that has been verified to belonging to a specific
attack and classified accordingly, which can then be used as a training
and evaluation dataset.
sebastian
--
fon: +49 69 95411 15 e-mail: sa at rh-tec.de
fax: +49 69 95411 45 mobile: +49 69 95411 55
rh-tec Business GmbH http://www.rh-tec.de/
Ringstrasse 36 32584 Loehne
Geschaeftsfuehrer: Gerhard Roehrmann
Registergericht: AG Bad Oeynhausen, HRB 8112
More information about the nsp-security
mailing list