Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
IDS #243
Comments
thestinger
added
Type: enhancement
Priority: low
labels
Apr 22, 2016
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment Hide comment
xmikos
Apr 25, 2016
It would be great if it could also detect QUANTUM INSERT attacks, see here: Deep dive into QUANTUM INSERT (configuration for Bro, Snort and Suricata IDS here: https://github.com/fox-it/quantuminsert/tree/master/detection).
Not only NSA, but now even Chinese, Malaysian and Indian malware and ad networks seems to be doing QUANTUMINSERT-style man-on-the-side attacks: Website-Targeted False Content Injection by Network Operators
xmikos
commented
Apr 25, 2016
|
It would be great if it could also detect QUANTUM INSERT attacks, see here: Deep dive into QUANTUM INSERT (configuration for Bro, Snort and Suricata IDS here: https://github.com/fox-it/quantuminsert/tree/master/detection). Not only NSA, but now even Chinese, Malaysian and Indian malware and ad networks seems to be doing QUANTUMINSERT-style man-on-the-side attacks: Website-Targeted False Content Injection by Network Operators |
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment Hide comment|
Not planned. |
thestinger
closed this
Feb 10, 2017
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment Hide comment
thestinger
Apr 25, 2018
Contributor
This is going to be revived as part of our Auditor app: copperhead/Auditor#27.
|
This is going to be revived as part of our Auditor app: copperhead/Auditor#27. |
thestinger commentedApr 22, 2016
•
edited
Edited 1 time
-
thestinger
edited Apr 22, 2016
It would be cool to have optional built-in IDS support. It's not possible to do this well without it being built into the OS due to lack of privileges, especially as the app sandbox is hardened. It's an area where CopperheadOS could provide a real edge. Android has SafetyNet, but that's meant to protect the ecosystem as a whole, not individuals.