Mailing List Archive

Exaprotect Contrib
ExaProtect Technology provides a SIM solution based on Open Source
components, embedding Prelude and Nessus, and the proprietary technology
iCare (Incident Care), dedicated to event correlation and analysis,
awarded by ANVAR (French Agency for Innovation).

ExaProtect Technology wants to combine the strength of the Open Source
model with the viability of a classical economic approach. In this way,
we will contribute to the community and redistribute a part of our work;
we are sensitive to the Open Source way of thinking.

You can download contributions, including Prelude LML (ruleset, plugin)
and patches (Honeyd, Nessus), on this page:

http://www.exaprotect.com/labs/download/download.fr.php?DIR=/download

Currently we are working on a taxonomy in order to normalize security
events; if you are interested in or have worked on this subject (regarding
the last message on the Prelude mailing list about strategy), we can share
our points of view. Please contact us.

We have already identified the following categories:

# Category
1 Authentication/Access/Authorization
2 DoS
3 Evasion
4 Exploit
5 Hijacking
6 Monitoring
7 Recon
8 Virus / Trojan
9 Suspicious
10 Status
11 Unknown

--
Christophe BRIGUET (Directeur Technique) <cbriguet(at)exaprotect.com>
www.exaprotect.com "Be alert with your alerts"