Black ICE 2.5 Events, False Positives and Custom Attack Signatures

The major challenge for administrators of Intrusion Detection Systems is distinguishing between events that are genuine malicious activity and those that are false positives. This paper aims to help BlackICE IDS administrators by identifying and classifying some events frequently seen by IDS agents...
Alan Mercer
November 28, 2001

All papers are copyrighted. No re-posting of papers is permitted