[Secureideas-base-devel] Re: Base Development
Brought to you by:
secureideas,
sinukas
From: Joel E. <es...@kn...> - 2004-10-30 17:57:48
|
Well, my name is Joel Esler, I am a GCIA certified Intrusion Detection Analyst (and parttime coder/developer) for the Regional Computer Emergency Response Team for the United States Army. I work with Snort on a daily basis, and have made many different contributions to the program in many different ways. (Rules, ACID, and even some Snort code itself) I have fixed many of the bugs in ACID that I have noticed, and feel as if I can contribute more. There are several things I hope to accomplish.. One: To make BASE realize it's own ruleset. meaning that through a clickable click it may be possible to bring up the actual rule that triggered the signature, this will help in rule rewriting and False positive elimination. There's some brainstorming to be done here. Two: Bug fixes. Three: To create an Intrusion Detection platform that may at some point include tcpdump and tcpdump results (to read Snort's binary format or a separate tcpdump instance) for better data correlation. Four: Through other tools added onto BASE, it may be possible to develop some sort of visualization. Three dimensional spacial representation of Snort's traffic. There are many ongoing projects for this already, however, none have been integrated with other tools. Thoughts? Joel On Oct 30, 2004, at 13:24, Kevin Johnson wrote: > On Sat, 2004-10-30 at 12:03, Joel Esler wrote: >> Message body follows: >> >> I'd like to be included in the BASE development team. Asside from >> what >> I've helped with so far, I've got alot more ideas I can help with >> (rule >> inclusion, other bug fixes that I've found) >> >> My personal email is es...@kn... .. My user id for sourceforge >> is >> joelesler >> > > Hi- > > I am copying the developers mailing list with this email. I believe > that you would be a good addition to the team, but I believe that > everyone would like to know a little about you and some of the ideas > you > have or things you are interested in working on. I would prefer not to > grow the team to big but I don't believe that adding you would cause > that.<grin> I will be adding you email address to the developers > mailing list so that you can respond to everyone. > > Thanks > Kevin |