Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Intrusion detection and network forensic
Go to: HSC Trainings
Version française
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o Training courses
o E-learning
o Agenda
o Past events
o Tutorials
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
o HSC Newsletter
o Press review
o Press releases
o Publications
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Intrusion detection and network forensic  
> Access to the content HTML Beginning of the presentation
PDF PDF version [247501]  
> Description This talk gives an overview of Network based IDS, and their limits. Several tools and techniques are then discussed to overcome these limits. The last part of the talk, based on a case study, is about network forensics.  
> Context & Dates Talk made during the Microsoft Security Days, on 6 May 2004.
> Author Jean-Baptiste Marchand, Yann Berthier 
> Type [ French - HTML ]  
> Abstract &
Table of content
Architecture type
Méthodes - Pattern Matching
Méthodes - Analyse des protocoles applicatifs
Méthodes - Analyse statistique
Méthodes - Analyse comportementale
Au delà des IDS
Politique de sécurité réseau - détection des violations
Flux réseau - Définition
Flux réseau - Génération de flux
Flux réseau - Exploitation des flux
Flux réseau - Applications en sécurité
Surveillance des adresses noires
Conclusion sur la détection d'intrusions
Analyse forensique réseau : une étude de cas  
> Related documents
[Presentation]  Ethereal, a multi-purpose network analyzer - how to detect viruses and worms with network analysis [4 May 2004 - French]
[Presentation]  Network Flows based forensics of a honeypot [9 March 2004 - French]
[Techno-watch]  CanSecWest 2002 Conference [4 May 2002 - French]
[Presentation]  Honeypots [12 March 2002 - French]
themeIntrusion Detection
[Tip]  Argus [19 February 2002 - French/English]
[Course]  Advanced Intrusion Detection
[Presentation]  Encrypting hostile Web content over HTTP [31 May 2007 - French]
[Presentation]  Intrusion Prevention : New reinforcement tools for perimetric defense [16 June 2005 - French]
[Presentation]  Generation of regular expressions from logged events [2 February 2005 - French]
[Presentation]  Intrusion Detection [25 September 2002 - French]
[Tip]  Advanced Intrusion Detection Environment (AIDE) [9 January 2002 - French]
[Tip]  Follow-up on discovering the libnids [6 September 2001 - French]
[Tip]  Introduction to the libnids [13 April 2001 - French]
[Tool]  rkscan tool [Rootkit scanner for loadable kernel-module rootkits - English]
[Tip]  RKSCAN: Scanner for loadable kernel-module rootkits [25 October 2000 - English]
[Tip]  Presentation and detection of the ADORE rootkit [16 October 2000 - French]
[Tool]  IDSwakeup tool [Test of intrusion detection systems - English]
[Presentation]  Round table on intrusion detection [8 June 2000 - French]
[Presentation]  Technical method to evade intrusion detection system. [27 March 2000 - French]
[Presentation]  Help to detect attack, intrusion and anomaly. [27 March 2000 - French]
[Presentation]  Introduction to intrusion detection [26 January 2000 - French]
[Presentation]  Presentation of some free software for intrusion detection [26 January 2000 - French]
[Presentation]  Intrusion detection with Shadow [6 July 1999 - French]
> Copyright © 2004, Hervé Schauer Consultants, all rights reserved.


Last modified on 14 May 2004 at 11:12:29 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants