Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors: Christopher Gerg, Kerry J. Cox
Managing Security with Snort and IDS Tools
Table of Contents
Copyright
Preface
Audience
About This Book
Assumptions This Book Makes
Chapter Synopsis
Conventions Used in This Book
Comments and Questions
Acknowledgments
Chapter 1. Introduction
1.1 Disappearing Perimeters
1.2 Defense-in-Depth
1.3 Detecting Intrusions (a Hierarchy of Approaches)
1.4 What Is NIDS (and What Is an Intrusion)?
1.5 The Challenges of Network Intrusion Detection
1.6 Why Snort as an NIDS?
1.7 Sites of Interest
Chapter 2. Network Traffic Analysis
2.1 The TCP/IP Suite of Protocols
2.2 Dissecting a Network Packet
2.3 Packet Sniffing
2.4 Installing tcpdump
2.5 tcpdump Basics
2.6 Examining tcpdump Output
2.7 Running tcpdump
2.8 ethereal
2.9 Sites of Interest
Chapter 3. Installing Snort
3.1 About Snort
3.2 Installing Snort
3.3 Command-Line Options
3.4 Modes of Operation
Chapter 4. Know Your Enemy
4.1 The Bad Guys
4.2 Anatomy of an Attack: The Five Ps
4.3 Denial-of-Service
4.4 IDS Evasion
4.5 Sites of Interest
Chapter 5. The snort.conf File
5.1 Network and Configuration Variables
5.2 Snort Decoder and Detection Engine Configuration
5.3 Preprocessor Configurations
5.4 Output Configurations
5.5 File Inclusions
Chapter 6. Deploying Snort
6.1 Deploy NIDS with Your Eyes Open
6.2 Initial Configuration
6.3 Sensor Placement
6.4 Securing the Sensor Itself
6.5 Using Snort More Effectively
6.6 Sites of Interest
Chapter 7. Creating and Managing Snort Rules
7.1 Downloading the Rules
7.2 The Rule Sets
7.3 Creating Your Own Rules
7.4 Rule Execution
7.5 Keeping Things Up-to-Date
7.6 Sites of Interest
Chapter 8. Intrusion Prevention
8.1 Intrusion Prevention Strategies
8.2 IPS Deployment Risks
8.3 Flexible Response with Snort
8.4 The Snort Inline Patch
8.5 Controlling Your Border
8.6 Sites of Interest
Chapter 9. Tuning and Thresholding
9.1 False Positives (False Alarms)
9.2 False Negatives (Missed Alerts)
9.3 Initial Configuration and Tuning
9.4 Pass Rules
9.5 Thresholding and Suppression
Chapter 10. Using ACID as a Snort IDS Management Console
10.1 Software Installation and Configuration
10.2 ACID Console Installation
10.3 Accessing the ACID Console
10.4 Analyzing the Captured Data
10.5 Sites of Interest
Chapter 11. Using SnortCenter as a Snort IDS Management Console
11.1 SnortCenter Console Installation
11.2 SnortCenter Agent Installation
11.3 SnortCenter Management Console
11.4 Logging In and Surveying the Layout
11.5 Adding Sensors to the Console
11.6 Managing Tasks
Chapter 12. Additional Tools for Snort IDS Management
12.1 Open Source Solutions
12.2 Commercial Solutions
Chapter 13. Strategies for High-Bandwidth Implementations of Snort
13.1 Barnyard (and Sguil)
13.2 Commercial IDS Load Balancers
13.3 The IDS Distribution System (I(DS)2)
Appendix A. Snort and ACID Database Schema
A.1 acid_ag
Appendix B. The Default snort.conf File
Appendix C. Resources
C.1 From Chapter 1: Introduction
C.2 From Chapter 2: Network Traffic Analysis
C.3 From Chapter 4: Know Your Enemy
C.4 From Chapter 6: Deploying Snort
C.5 From Chapter 7: Creating and Managing Snort Rules
C.6 From Chapter 8: Intrusion Prevention
C.7 From Chapter 10: Using ACID as a Snort IDS Management Console
C.8 From Chapter 12: Additional Tools for Snort IDS Management
C.9 From Chapter 13: Strategies for High-Bandwidth Implementations of Snort
Colophon
Index