Definition of Snort
Defined as: An open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort
A Tool for Running Snort in Dynamic IP Address Assignment Environment
The purpose of this paper is to detail the creation of a small tool program which aids the operation of the Snort IDS in a dynamically assigned IP address environment. The configuration file of Snort (snort.conf) specifies IP numbers for the monitored network and servers. For non-permanent IP address subscriber sites, which is the case for most ADSL users, these parameters need to be updated every time the data link connection is reset and a new address is assigned.
Building and Maintaining a NIDS Cluster Using FreeBSD and Snort
What I am going to show you here is how to build a NIDS cluster with central logging and maintenance facilities. Hopefully this will help you take more control over your environment so you actually know what is happening on your network, and by knowing that you can take appropriate countermeasures to remove the threat. This can include everything from automatically tearing down the TCP connection to reconfiguring the firewall(s) to block the offending packets from entering your network in the first place.
Snort, Apache, SSL, PHP, MySQL and Acid Install on Fedora Core 1 From RPM
This document originated when a friend of mine asked me to put together this procedure for him so that he could install Snort and Acid. It is pretty basic and is for the Linux newbie, as well as the Snort newbie. This is not an ultra-secure end-all to Snort IDS deployment guide; this is a "How in the hell do I get this installed and working" guide. This document will walk you through installing a stand-alone RedHat/Fedora system (this is not for a dual boot system).
Snort for WinXP Installation Non-Enterprise Network
This setup procedure basically follows the instructions on Winsnort.com under Winsnort with Snortsnarf. As we all know, all instruction is not complete and always leaves something out, and what I have tried here is to clarify and expand on the setup. My goal is to make a simple-to-follow instruction by outlining each step until the setup is completed. Also, I made some changes in the configuration and added other components (freesmtp and oinkmaster) to assist the administrator in operating the Winsnort.
Snort: Intrusion Detection for the masses!
You may have firewalls and logs in place on your network, or, you may think they're too expensive. Or unnecessary, or too difficult to configure. Nothing could be further from the truth. In fact, it's a common scenario: you suspect malicious activity on your network. PCs seem to be behaving oddly. Virus scanners on your PCs become inoperable. Finally, your web page is hacked. What's going on? Better yet, how can you be alerted to this type of malicious activity on your network?