Quentin JEROME
I'd like to add my contribution to this. I am using Archlinux without a desktop environment, only i3 as window manager, and it was literally a nightmare to try to make...
@calexandru2018, thanks for your explanation, I'll wait for the new client then. If you need beta-testers with minimal graphical environment I am there ;)
Hello @thomasxmeng, No, it does not send the logs to a dedicated log channel. However, you can find the output of its detections inside WHIDS installation directory `C:\Program Files\Whids\`. If...
Yes, I did observe performance limitations, and to be honest I thought the limit was much lower :). I am not an ETW expert, but I guess this is due...
Hi, For the moment it is not possible. If you know exactly how I can do it via Windows API I can implement it quickly. Cheers
Hi @be-a-panther, So many questions in your issue! I'll try to answer them all. The 10MB datasets contain around 200,000 entries. 1. How many datasets did you test? **The...
I am sorry but I don't understand what you're testing. If you want me to be able to help you, please give me information I can use to replicate the...
Your only concern should be FP rate, which you do not compute because count aggregates both FP + TP if I am not mistaken. To see if the filter works...
FP / TP (i.e. 16/5 in your case) isn't the definition of FP rate. FP rate is given by the formula: FP / (FP + TN) (see: https://en.wikipedia.org/wiki/False_positive_rate)
TN is true negative, so all the things not supposed to be in your filter actually reported as not being in the filter. Assuming you are testing the full IPv4...