IDS using PHP
Well, it's been done before, but don't let that stop you. You might even be able to learn something from the PHP-IDS project. I suppose a basic way you could do it is to just check all POST's and GET's for signs of intrusion attempts. e.g. include the file your IDS script at the beginning of every PHP script (you can set this in php.ini actually), and that file can be something like:
if (intrusion attempt is found in any of the post or get's){ die("intrusion attempt, this has been logged");}
system_meltdown wrote: But how about you try and do something a bit easier for your project? Rather an easier thing done well than a hard thing done badly, if you get me. harry_potter28 wrote: well i had already chosen this project and had done a bit research on it, i want to start the coding now, but i want to know from where should i start
I agree with system. I doubt the timeframe for your project + your experience with PHP will = success with such a large goal. Since you've already done research into a full-featured IDS, perhaps you could take one aspect of a typical IDS and center on that for your project. Then, as time permitted (probably after your grade), you could build upon that to get a more robust IDS done.
As for what you'd need, very little of it (except for the part that nights_shadow or japanesedude mentioned, depending on the focus of your IDS) will actually be coding. The majority of it will be logic, so hack away at your spiral notebook with a pencil until you understand more about what it will be doing. Then, the coding will be much easier.