
BLU Discuss list archive



UNIX process monitor



On Mon, Nov 21, 2005 at 09:46:06PM -0500, Tom Metro wrote:
> Over the weekend I received some unusual looking email from one of the 
> monitoring tools I run on my mail server, and while investigating it I 
> discovered that a bunch of instances of a program I use to download 
> email from a Yahoo! account were stuck in endless loops and filling up 
> my process table (due to a data provoked bug). (The alert email I 
> received had nothing directly to do with the hung processes.)

...........................
> 
> It really needs to be smarter. What I'd really like is a program that 
> runs for a week or so in learning mode, develops a database of what is 
> "normal" and then sends alerts for when it notices unusual behavior.
> 
> Does anyone know of a tool that does this? I'm sure there are intrusion 
> detection tools that incorporate this, but following the UNIX 
> philosophy, I'd rather use a tool that specifically addressed this need.

Sounds like you want to calculate the standard deviation (SD) and then 
alert when the behavior exceeds SD by some percentage, say anything over
10-15%.


Just a thought.


> 

-- 
Jeff Kinz, Emergent Research, Hudson, MA.
speech recognition software may have been used to create this e-mail
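
One way to turn the learning-mode and standard-deviation idea from this thread into a process-table check, as an added example that is not part of the original messages. The command names, the sample snapshots, the reading of "exceeds SD by 15%" as mean + 1.15 × SD, and the `min_sd` floor are all assumptions.

```python
import statistics
from collections import Counter

# Constructed sample data: each string mimics `ps -eo comm=` output (one command per line).
LEARNING = [
    "init\nsshd\nsshd\ncron\nmailfetch",
    "init\nsshd\nsshd\nsshd\ncron",
    "init\nsshd\nsshd\ncron\nmailfetch",
    "init\nsshd\nsshd\ncron",
]
CURRENT = "init\nsshd\nsshd\ncron\n" + "mailfetch\n" * 14 + "unknownd\n"

def count_processes(ps_output):
    """Count running instances per command name."""
    return Counter(line.strip() for line in ps_output.splitlines() if line.strip())

def learn_baseline(samples):
    """Learning mode: return {command: (mean, sd)} over snapshots; absent means 0."""
    names = set().union(*samples)
    baseline = {}
    for name in names:
        counts = [s.get(name, 0) for s in samples]
        baseline[name] = (statistics.mean(counts), statistics.pstdev(counts))
    return baseline

def find_anomalies(baseline, snapshot, margin=0.15, min_sd=1.0):
    """Flag commands whose count exceeds mean + (1 + margin) * SD, plus commands
    never seen while learning. min_sd keeps a zero-variance baseline from alerting on +1."""
    alerts = []
    for name, count in sorted(snapshot.items()):
        if name not in baseline:
            alerts.append((name, count, "not seen during learning"))
            continue
        mean, sd = baseline[name]
        limit = mean + max(sd, min_sd) * (1 + margin)
        if count > limit:
            alerts.append((name, count, f"above limit {limit:.2f}"))
    return alerts

if __name__ == "__main__":
    base = learn_baseline([count_processes(s) for s in LEARNING])
    for alert in find_anomalies(base, count_processes(CURRENT)):
        print(alert)
```

In real use the snapshots would come from periodic `ps` runs stored over the learning week, and the same per-command baseline could track CPU time or process age instead of instance counts.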




BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
