
Hello Sir/Ma'am, About Intrusion Detection System


13 replies to this topic

#1 codexdhen


Posted 08 October 2012 - 09:03 AM

Hello to all programmers here. Can I ask what is the best programming language that I will need for developing an Intrusion Detection System (Network IDS and Host-Based IDS)? Thank you!
  • 0

#2 dargueta


Posted 08 October 2012 - 09:14 AM

This is a really vague question. What operating systems will this be running on? What kind of intrusions are you trying to detect using what methods?

Also, if this isn't a homework assignment it shouldn't be in this forum. I'll move it to General Programming if it isn't.
  • 0

sudo rm -rf / && echo $'Sanitize your inputs!'


#3 codexdhen


Posted 08 October 2012 - 09:35 AM

Oops, I'm sorry, sir. Well, sir, I'm using Windows 7. As for the kind of IDS, sir, I want to use the Network IDS and Host-Based IDS. Thanks for the reply.
  • 0

#4 dargueta


Posted 08 October 2012 - 09:46 AM

Considering this is a low-level utility that must operate in real time, you'll probably have to use C/C++.
  • 2



#5 WingedPanther73


Posted 08 October 2012 - 11:05 AM

It will definitely need to be something that can intercept every packet received. That's going to severely limit your choice of language. A few others are possible, but not many that are in common use.
  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#6 codexdhen


Posted 08 October 2012 - 11:15 AM

How about VB.NET? Is it possible to use that language for the IDS?
  • 0

#7 lespauled


Posted 08 October 2012 - 11:26 AM

Most likely this is too high-level a language, with too much overhead.
  • 0
My Blog: http://forum.codecal...699-blog-77241/
"Women and Music: I'm always amazed by other people's choices." - David Lee Roth

#8 codexdhen


Posted 08 October 2012 - 11:35 AM

Ah, okay, sir. Thanks for the info. Well, sir, is there any way or possibility that I can run the IDS in VB.NET? I mean, sir, is there a possibility that VB.NET can run the whole IDS system?
  • 0

#9 RhymeTime


Posted 28 October 2012 - 07:30 AM

I am sure that it is possible to do. I don't know anything about VB.NET, but if you want any real practicality you want to use a lower-level language. With the overhead of a high-level language you will either miss a lot of packets because it can't pick them up quickly enough, or you will see a lot of latency in your network, depending on how it is configured inline. For example, Snort is written in C and is used in many businesses. I created an IDS-type program in Python and am converting it to C because in Python I was causing WAAAYYY too much delay, like on the order of seconds.
  • 0

#10 dargueta


Posted 28 October 2012 - 12:49 PM

Have you tried Cython? Very little rewriting, and it can be compiled to almost C-level efficiency if your compiler is smart enough.
  • 0



#11 BlackRabbit


Posted 28 October 2012 - 11:45 PM

Hello Codex, I think the answer you are looking for is YES, haha. Well, the way to get to that yes is for you to find some existing DLL or service, developed at a low level, that you call and use from VB, splitting the network layer from the database and management layer. That last one is totally doable in .NET.
You just need to watch the whole spectrum of TCP/IP packets, and then apply some rules, so ... google TCP/IP monitor libraries, open source in C++ preferably, do your modifications, and compile it as a DLL or service. Then use that info from your VB UI.
  • 0
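
The "watch the packets, then apply some rules" layer described in the post above, as an added example that is not part of the thread: a C function that bounds-checks one raw IPv4/TCP packet and matches it against a small rule table. The rule format, the rule ids, the function names and the sample packet are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical rule format (an assumption of this example): destination port
 * (0 = any), TCP flag bits that must all be set, optional payload substring. */
struct rule { int id; uint16_t dport; uint8_t flags; const char *content; };
static const struct rule RULES[] = {
    { 1001, 23, 0x02, NULL },           /* SYN set, to the telnet port */
    { 1002, 80, 0x18, "/etc/passwd" },  /* PSH+ACK to HTTP with this string */
};
/* Constructed sample packet: IPv4 + TCP (PSH+ACK, dst port 80) + payload. */
static const uint8_t SAMPLE[] = {
    0x45,0,0,55, 0,0,0,0, 64,6,0,0, 10,0,0,5, 10,0,0,9,
    0xc0,0x01,0,80, 0,0,0,1, 0,0,0,1, 0x50,0x18,0xff,0xff, 0,0,0,0,
    'G','E','T',' ','/','e','t','c','/','p','a','s','s','w','d' };

/* Bounded substring search; the payload is not NUL-terminated. */
static int contains(const uint8_t *p, size_t n, const char *s) {
    size_t m = strlen(s);
    for (size_t i = 0; m <= n && i <= n - m; i++)
        if (memcmp(p + i, s, m) == 0) return 1;
    return 0;
}

/* Returns the first matching rule id, 0 for no match, or -1 when the packet
 * is truncated, malformed or not IPv4/TCP. Every length is checked first. */
int inspect_ipv4_tcp(const uint8_t *pkt, size_t len) {
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;         /* IP header length */
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];    /* IP total length */
    if (ihl < 20 || total > len || total < ihl + 20 || pkt[9] != 6) return -1;
    const uint8_t *tcp = pkt + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;         /* TCP header length */
    if (doff < 20 || ihl + doff > total) return -1;
    uint16_t dport = (uint16_t)((tcp[2] << 8) | tcp[3]);
    uint8_t flags = tcp[13];
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++) {
        const struct rule *r = &RULES[i];
        if (r->dport && r->dport != dport) continue;
        if ((flags & r->flags) != r->flags) continue;
        if (r->content &&
            !contains(tcp + doff, total - ihl - doff, r->content)) continue;
        return r->id;
    }
    return 0;
}

int main(void) { printf("rule %d\n", inspect_ipv4_tcp(SAMPLE, sizeof SAMPLE)); return 0; }
```

A production sensor would receive `pkt` from a capture library and would also have to handle IP fragments and TCP stream reassembly, which this single-packet check does not.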

#12 Colanth


Posted 03 November 2012 - 12:39 PM

Since speed is the crucial point here, assembly would be the best language. But it would take a while to learn, and it takes a lot more time to write a given program in assembly than it does to write it in any higher-level language.

As far as any .NET language goes, adding the .NET framework makes the program slower, so raw C (like the old Microsoft C compiler or the Mark Williams compiler) would produce faster code than a .NET program. But well-written assembly would still be faster.
  • 0



