[Secureideas-base-devel] Ideas and rambles....
Brought to you by:
secureideas,
sinukas
Menu
▾
▴
[Secureideas-base-devel] Ideas and rambles....
|
From: Kevin J. <kjo...@se...> - 2005-07-10 21:55:37
|
Hi all-
We have added a couple members and its been a little quiet , so I
thought I should have one of my ramble emails...<g>
First, I would like to welcome everyone that has joined the team and/or
the mailing list since my last ramble. For the record, you can reach me
via instant messenger on the following:
- kjo...@se... -- MSN
- linuxseron -- AIM
- linuxseron -- Yahoo
I am also usually idling in the IRC channel #secureideas on
freenode.net. Feel free to join up.... If you IM me, please let me know
who you are the first time you do it! Thanks.
Second, 2.x is coming along in my head and on my system. Hopefully I
will get it into CVS by tomorrow night. To show my ignorance, can
anyone tell me the easiest way to empty a project in CVS? I had built
the directory structure for 2.x before and since then it has completely
changed.
Third, I have been talking with a DBA type person who will be helping
ensure that the new schema and the queries perform to the best that is
possible.<g> We are trying to make it so that the schema performs for
Snort but is extensible for other data sources.
Fourth, is everyone comfortable with how to check in and out of CVS?
Fifth, I would like to get the web site updated. Especially the FAQ
section. Remember that it is the website-base project. If you update
anything, just let me know and I will promote it to the shell servers at
sourceforge.net
Sixth, what types of data sources would you like to include in the
analysis engine? We have already received information for various other
IDS systems. I would also like to be able to accept things like syslog
and other log sources.
I would like to discuss some of the ideas for 2.x now. Remember that
all of this is pie in the sky and it will need to be built in a way that
we can release things that are functional while enabling us to bolt on
the features as we build them. Also keep in mind that no matter how
complex we make the system and the number of features, I think we need
to include the basic web interface that is similar to what we support
currently. My reasoning is that most people use BASE because of the
simplicity of getting it running. We don't want to lose that.<g>
The basic directory structure would be split between /base/
and /based/. /based/ would be the server side interface to the data.
It would accept requests via HTTP POST and answer with various delimited
streams that the clients would be able to interpret. Each of these
directories would also include a contrib directory for various scripts
and tools that people send in.
Does anyone have any experience with AJAX? I see where we could use it
to create the interface. Except instead of XML, we would use a
delimited stream, since I don't think we want the weight of XML?
Also, what other projects could we make use of, that you guys see, to
make things easier for us? For example, we are going to continue using
ADODB and PEAR::ImageGraph. I have also seen various user auth systems
and interface type projects. Ideas?
I think that is enough for now....<g> I will try to follow up with
other things as I draft them up. Please feel free to comment.=20
Thanks
Kevin
---------------------
BASE Project Lead
http://sourceforge.net/projects/secureideas
http://base.secureideas.net
The next step in IDS analysis!
|