RFC 4766: Intrusion Detection Message Exchange Requ...
Intrusion Detection Message Exchange Requirements
1. Introduction
1.1. Conventions Used in This Document
2. Overview
2.1. Rationale for IDMEF
2.2. Intrusion Detection Terms
2.2.1. Activity
2.2.2. Administrator
2.2.3. Alert
2.2.4. Analyzer
2.2.5. Data Source
2.2.6. Event
2.2.7. IDS
2.2.8. Manager
2.2.9. Notification
2.2.10. Operator
2.2.11. Response
2.2.12. Sensor
2.2.13. Signature
2.2.14. Security Policy
2.3. Architectural Assumptions
2.4. Organization of This Document
2.5. Document Impact on IDMEF Designs
3. General Requirements
3.1. Use of Existing RFCs
3.1.1. Rationale
3.2. IPv4 and IPv6
3.3. Rationale
4. Message Format Requirements
4.1. Internationalization and Localization
4.1.1. Rationale
4.1.2. Scenario
4.2. Message Filtering and Aggregation
4.2.1. Rationale
4.2.2. Scenario
5. IDMEF Communication Protocol (IDP) Requirements
5.1. Reliable Message Transmission
5.1.1. Rationale
5.2. Interaction with Firewalls
5.2.1. Rationale
5.2.2. Scenario
5.3. Mutual Authentication
5.3.1. Rationale
5.4. Message Confidentiality
5.4.1. Rationale
5.5. Message Integrity
5.5.1. Rationale
5.6. Per-source Authentication
5.6.1. Rationale
5.7. Denial of Service
5.7.1. Rationale
5.7.2. Scenario
5.8. Message Duplication
5.8.1. Rationale
5.8.2. Scenario
6. Message Content Requirements
6.1. Detected Data
6.1.1. Rationale
6.2. Event Identity
6.2.1. Rationale
6.2.2. Scenario
6.3. Event Background Information
6.3.1. Rationale
6.3.2. Scenario
6.4. Additional Data
6.4.1. Rationale
6.5. Event Source and Target Identity
6.5.1. Rationale
6.6. Device Address Types
6.6.1. Rationale
6.6.2. Scenario
6.7. Event Impact
6.7.1. Rationale
6.8. Automatic Response
6.8.1. Rationale
6.9. Analyzer Location
6.9.1. Rationale
6.9.2. Scenario
6.10. Analyzer Identity
6.10.1. Rationale
6.10.2. Scenario
6.11. Degree of Confidence
6.11.1. Rationale
6.11.2. Scenario
6.12. Alert Identification
6.12.1. Rationale
6.12.2. Scenario
6.13. Alert Creation Date and Time
6.13.1. Rationale
6.13.2. Scenario
6.14. Time Synchronization
6.14.1. Rationale
6.14.2. Scenario
6.15. Time Format
6.15.1. Rationale
6.16. Time Granularity and Accuracy
6.16.1. Rationale
6.17. Message Extensions
6.17.1. Rationale
6.18. Message Semantics
6.18.1. Rationale
6.18.2. Scenario
6.19. Message Extensibility
6.19.1. Rationale
7. Security Considerations
8. References
8.1. Normative References
8.2. Informative References
9. Acknowledgements
10. Authors' Addresses
11. Full Copyright Statement
12. Intellectual Property
13. Acknowledgement