incubator-alois-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Holthaus (IMSEC)" <>
Subject Slight rework of apache alois papaer for IMF 2011
Date Sun, 16 Jan 2011 21:37:11 GMT
Hi all

I just made a few modifications to the excellent text prepared by Urs Lerch.
Most of them are little corrections regarding system details probably unknown
to Urs (my history with the tool is longer), some are in respect to the
existing fields of use and the potentials for forensic applications, and some
just represent differing feelings on how to formulate an english essay.

One thing I cannot handle myself: Urs's figure 2 misses four components:
a) An array from "dobby" to "lizard", implying message data flow for message
analysis and correlation
b) an array from "lizard" to "reptor" (not "reporter", indicating message flow
for reports and alarms
c) an array from "prisma" to "lizard", indicating the flow of messages for
which there is no input filter (prisma) yet, but which can be analysed all the
d) an "s" in "prisma"

Urs: Could you correct that, please?


-- Marcus


-- Dr. Marcus Holthaus
-- IMSEC GmbH, Sonnhaldenstrasse 87, CH 6331 H├╝nenberg
-- +41 41 780 00 11,
-- The primary second opinion on IT security
-- Please Use OpenPGP key FDBD17F2 to encrypt your mail to me.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message