Security

Implementing Snort IDS Using FreeBSD

This paper explores the elements involved in implementing a Snort IDS and associated software. It discusses the considerations and steps taken in building the IDS, as well as the pitfalls and compromises inherent in this implementation. This paper should be helpful to anyone considering setting up an IDS for the first time, regardless of the final software solution that is chosen.

The State of Malware

Malware, broadly defined as any type of malicious and probably secret software, has been an issue in the personal computer (PC) industry since at least the mid-1980s. This paper outlines the current state of malware with an emphasis on non-viral malware such as spyware, adware, worms, Trojan horses, keystroke loggers, dialers, and browser hijackers. Viruses are mentioned only as a comparison point where appropriate. This paper reviews the types and behaviors of malware, infection methods, and mitigation techniques.

Spam Filtering Techniques

This paper looks at the major spam filtering techniques in current use. For each method, both success rates and possible problems are explored. Methods discussed include keyword filtering, open relay filtering, open proxy filtering, dial-up filtering, nonconforming mailing list filtering, cooperative sharing of spam samples, known spam origin filtering, and Bayesian filtering.

I finished this paper in December of 2004, so the most recent techniques of both spammers and spam filters are not covered. Most crucial is the absence of coverage of image spam. Even with the slight age that this article has, it will still be valuable to anyone trying to figure out how to minimize the amount of spam coming into their companies.
