Experimental RFCs 4765, 4766, and 4767 on intrusion detection (protocols for data exchange) have been published
12.03.2007
The Intrusion Detection Message Exchange Format (IDMEF)
Abstract:
The purpose of the Intrusion Detection Message Exchange Format
(IDMEF) is to define data formats and exchange procedures for sharing
information of interest to intrusion detection and response systems
and to the management systems that may need to interact with them.
This document describes a data model to represent information
exported by intrusion detection systems and explains the rationale
for using this model. An implementation of the data model in the
Extensible Markup Language (XML) is presented, an XML Document Type
Definition is developed, and examples are provided.
Intrusion Detection Message Exchange Requirements
Abstract:
The purpose of the Intrusion Detection Exchange Format Working Group
(IDWG) is to define data formats and exchange procedures for sharing
information of interest to intrusion detection and response systems
and to the management systems that may need to interact with them.
This document describes the high-level requirements for such a
communication mechanism, including the rationale for those
requirements where clarification is needed. Scenarios are used to
illustrate some requirements.
The Intrusion Detection Exchange Protocol (IDXP)
Abstract:
This memo describes the Intrusion Detection Exchange Protocol (IDXP),
an application-level protocol for exchanging data between intrusion
detection entities. IDXP supports mutual-authentication, integrity,
and confidentiality over a connection-oriented protocol. The
protocol provides for the exchange of IDMEF messages, unstructured
text, and binary data. The IDMEF message elements are described in
RFC 4765, "The Intrusion Detection Message Exchange Format (IDMEF)",
a companion document of the Intrusion Detection Exchange Format
Working Group (IDWG) of the IETF.