Internet proxy systems such as Squid exchange intelligence relevant to their function as caching proxy servers via a distributed and trusted hierarchy of machines. The required intelligence is broadcast based along the network based upon established trust relationships throughout the connected network via specific port and protocols of exchange. An intrusion detection system that incorporates this functionality for gathering attack intelligence could be a formidable foe even for the wiliest attacker. This paper will outline a possible model for the deployment of a network/distributed network intrusion detection system utilising technologies and techniques already in existence to provide the supporting infrastructure.
Available at: http://works.bepress.com/craig_valli/46/