Could you give me a start (IDS)?
Hi all,
This is my first post here and I am hoping that somebody can give me a push in the right direction.
For the purpose of understanding the programming concepts related to networking, I have chosen to program an Intrusion Detection System for my last-year project.
I have been searching Google for quite a while and I have stumbled across various IDSs like Snort, Tripwire... (and this site also), but I haven't found anything on how to begin writing one.
My purpose in building an IDS is to understand the basic concepts.
I have a fair amount of programming experience in C, VS and VS.NET, and now I am exploring PHP and Python too.
Also, I want it to be platform independent if possible.
I will build it in 2 modules:
1st, I would like to build a NIDS which can do basic stuff like detecting a port scan or DDoS attack.
My 2nd priority will be to build a system integrity verifier.
And then to merge them.
This site seems to contain a lot of useful stuff and I will be exploring it A.S.A.P.
So please guys, any help from you will be highly appreciated.
Thanks in advance :)