You are here: silicon.com > Resources > White Papers > Networking and Communications > Network Technologies > TCP - IP

TCP - IP White Papers

SIFT: Snort Intrusion Filter for TCP

Overview Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention services to run at multi Gigabit/second rates. High-level intrusion rules mapped directly into hardware separate malicious content from benign content in network traffic. Hardware parallelism allows intrusion systems to scale to support fast network links, such as OC-192 and 10 Gbps Ethernet. In this paper, a Snort Intrusion Filter for TCP (SIFT) is presented that operates as a preprocessor to prevent benign traffic from being inspected by an intrusion monitor running Snort. Snort is a popular open-source rule-processing intrusion system. SIFT selectively forwards IP packets that contain questionable headers or defined signatures to a PC where complete rule processing is performed.

Further White Paper Details
Publisher	Washington University in St. Louis	File Format	PDF
Date Published	August 2005	Downloads	4
Format	White Papers
Topics	TCP - IP, Web Filtering, Intrusion Detection Systems

Did you find this white paper useful? 3 out of 5 users found this white paper useful

Anthony & Sylvan Pools Takes the Plunge with VoIP

Publisher:
Shoretel

Sprint IPVoice Connect Fact Sheet

Publisher:
Sprint

Integrated Trade Systems, Inc. Is Able to Track and Ensure Timely Purchase Order Delivery by Using Biscom Delivery Server to Send Files Securely

Publisher:
Biscom

Stewart Title Guaranty Company Reduces Courier and FTP Costs Using Biscom Delivery Server for Timely, Accurate, and Trackable Distribution of Software to Their Customers

Publisher:
Biscom

Tags:
tcp - ip

Anti-virus vendors failing users, claims CA chief

To prevent this type of malware from attacking, companies should have both intrusion detection and firewalls as part of their security strategy, not just anti-virus software. Anti-virus vendors are not doing enough to protect their customers from...

Channel:
Security Strategy

Cisco battles Juniper with worms

In early 2003, it acquired Okena, a small maker of intrusion prevention software for desktops, in a deal valued at $154m. Many intrusion prevention solutions have suffered from a high rate of false positives, causing some non-threatening traffic to...

Channel:
Security Strategy

Analysis: The network is the security

Network devices will have the ability to tear apart packets, block malicious code, enforce policies and filter content up and down the OSI (Open Systems Interconnection) stack. To minimize malicious-code propagation, every desktop will be scanned...

Gartner: Don't believe the tech security myths

So, Williams said, the answers are the same: guard the IP PBX with a firewall, an Intrusion Prevention System (IPS) and other products just as how a server is protected. When combined with best practices for mobile endpoints, including disabling...

Channel:
Security Strategy
Tags:
gartner

eEye looks to open source for antivirus

Clam AntiVirus is fast in offering signatures for new threats, often quicker than commercial competitors including McAfee and Symantec but it lags in detection capabilities, said Andreas Marx, an antivirus-software expert at the University of...

The dos and don'ts of VoIP security

Additional tools that will help networks in case of any attack are intrusion detection and prevention systems, which scan for rogue incoming packets, and straightforward antivirus software which can help prevent any known threats from disrupting...

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

TCP - IP White Papers

SIFT: Snort Intrusion Filter for TCP

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific