The Intrusion Detection Exchange Protocol (IDXP)
Voir toute la rfc dans une seule page
Page : 19 / 28
Télécharger le PDF
Auteur(s) :
B. Feinstein,
G. Matthews
Classé sous :
Security,
Ids,
Beep,
Intrusion detection,
Intrusion,
Idmef,
Security protocol,
Secure protocol,
Secure exchange
RFC 4767 IDXP March 2007
7. IDXP Option Registration Template
When an IDXP option is registered, the following information is
supplied:
Option Identification: specify the NMTOKEN or the URI that
authoritatively identifies this option.
Contains: specify the XML content that is contained within the
"Option" element.
Processing Rules: specify the processing rules associated with the
option.
Contact Information: specify the postal and electronic contact
information for the author(s) of the option.
8. Initial Registrations
8.1. Registration: The IDXP Profile
Profile identification: http://idxp.org/beep/profile
Messages exchanged during channel creation: "IDXP-Greeting"
Messages starting one-to-one exchanges: "IDXP-Greeting", "IDMEF-
Message"
Messages in positive replies: "ok"
Messages in negative replies: "error"
Messages in one-to-many exchanges: none
Message syntax: see Section 3.3
Message semantics: see Section 3.4
Contact information: see the "Authors' Addresses" section of this
memo
8.2. Registration: The System (Well-Known) TCP Port Number for IDXP
Protocol Number: 603
Message Formats, Types, Opcodes, and Sequences: see Section 3.3
Functions: see Section 3.4
Feinstein & Matthews Experimental [Page 19]