Steven McCanne, B. Jacobsen, and Craig Leres. Tcpdump. ftp://ftp.ee.lbl.gov.
....may be programmed to detect and report them. To verify our design concept, a basic implementation of this algorithm (which we christened Early Bird) was built. While it would be premature to quantitatively evaluate this version, the code was tested for several weeks on our LAN with tcpwrapper [13] data as input. It was not difficult to tune the software to detect a worm or sweep attack within seconds but produce only one or two false alarms per day from normal user traffic.

2.2 Architecture

Figure 2 depicts a simple hierarchy with three departments: Left has three hosts, Right has one ....