https://inliniac.net/blog/tag/raid/ Recent content in Raid on Inliniac Hugo en Wed, 05 Sep 2012 18:21:42 +0000 https://inliniac.net/blog/2012/09/05/suricata-development-training-update/ Wed, 05 Sep 2012 18:21:42 +0000 https://inliniac.net/blog/2012/09/05/suricata-development-training-update/ <p><a href="https://inliniac.net/blog/blog/wp-content/uploads/2012/09/raid2012small.png"><img src="https://inliniac.net/blog/blog/wp-content/uploads/2012/09/raid2012small.png" alt=""></a> The Suricata development training at RAID 2012 next week is going to happen, so please all <a href="http://www.openinfosecfoundation.org/index.php/component/content/article/1-latest-news/162-rsvp-now">RSVP</a>. It&rsquo;s free!</p> <p>If you&rsquo;re planning to attend, please let me know what topics you are interested in. We have core devs in the room, so we can go hardcore on everything from the threading to packet capture to CUDA to pattern matching&hellip; also more straightforward stuff like extending Suricata with new keywords, log modules, etc.</p> https://inliniac.net/blog/2012/07/13/suricata-development-training/ Thu, 12 Jul 2012 23:13:18 +0000 https://inliniac.net/blog/2012/07/13/suricata-development-training/ <p><a href="https://inliniac.net/blog/blog/wp-content/uploads/2012/09/raid2012small.png"><img src="https://inliniac.net/blog/blog/wp-content/uploads/2012/09/raid2012small.png" alt=""></a> We&rsquo;re considering to offer a Suricata development training day around the next OISF brainstorm meeting. That would be in Amsterdam around the RAID conference, in early September.</p> <p>Topics we could cover:</p> <p>- code/development overview - create/extend detect module - create/extend output module - app layer module - proto detection - &hellip;</p> <p>The training would probably be free as it&rsquo;s an excercise for us as well, so we&rsquo;d just want honest feedback in return :)</p> https://inliniac.net/blog/2012/07/06/suricata-1-3-released/ Fri, 06 Jul 2012 16:06:52 +0000 https://inliniac.net/blog/2012/07/06/suricata-1-3-released/ <p><a href="https://inliniac.net/blog/blog/wp-content/uploads/2012/07/suricata2.png"><img src="https://inliniac.net/blog/blog/wp-content/uploads/2012/07/suricata2.png" alt=""></a> Today, almost half a year after the last &ldquo;stable&rdquo; release, we released Suricata 1.3. I think this release is a big step forward with regard to maturity of Suricata. Performance and scalability have been much improved, just like accuracy and stability.</p> <p>The official announcement can be found on the <a href="http://www.openinfosecfoundation.org/index.php/component/content/article/1-latest-news/157-suricata-13-available">OISF site</a></p> <p>In the last 6 months a lot of code has been changed:</p> <blockquote> <p>384 files changed, 44332 insertions(+), 18478 deletions(-)</p> https://inliniac.net/blog/2011/09/24/raid-2011-thoughts/ Sat, 24 Sep 2011 16:09:24 +0000 https://inliniac.net/blog/2011/09/24/raid-2011-thoughts/ <p>The last few days I&rsquo;ve been at the Recent Advances in Intrusion Detection (RAID) conference in California. Overall it has been a very pleasant and interesting experience. The nice California weather was certainly helping a lot!</p> <p>I&rsquo;ve seen all talks and some were very interesting. However, being a Suricata IDS developer, I was not just interested in research for the hell of it, but I was actively scouting for ideas we could implement into Suricata. In this respect the conference was highly disappointing. Although with some of the talks I thought the idea was applicable in general security, like Erik Bosmans high speed memory tainting detection, I found nothing like that for NIDS.</p>