Snort


    • OSSEC
      Apart from its role as an intrusion detection system, host-based OSSEC is often used as a security information and event manager (SEM/SIM)
    • Snort
      Using protocol analysis, content searching and different pre-processors, Snort is able to detect thousands of worms, vulnerability exploit attempts, port scans and other suspicious behavior. This NIDS is perfect for traffic analysis and packet logging on IP networks.
    • This network security analysis tool uses Network Security Monitoring (NSM) a concept developed by Richard Bejtlich, Director of Incident Response at General Electric,
    • In an ideal scenario, a corporate network should be shielded by both a HID and NID systems. The former acts as a last ditch protection for individual computers, while the latter maintains the secure network.

Stealthful Sniffing, Intrusion Detection and Logging:

http://www.linuxjournal.com/article/6222?page=0,0

Intrusion Detection Systems
with Snort
Advanced IDS Techniques Using
Snort, Apache, MySQL, PHP, and ACID:-
http://ptgmedia.pearsoncmg.com/images/0131407333/downloads/0131407333.pdf

Using Snort – Debian guide
https://www.debian-administration.org/article/318/Using_the_’snort’_Intrusion_Detection_System

The Snort Blog – guis for snort
http://blog.snort.org/2011/01/guis-for-snort.html

Advertisements
This entry was posted in Intrusion detection and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s