Flylib.com
Snort Cookbook
ISBN: 0596007914
EAN: 2147483647
Year: 2006
Pages: 167
Authors:
Angela Orebaugh
,
Simon Biles
,
Jacob Babbin
BUY ON AMAZON
Installing Snort from Source on Unix
Installing Snort from Source on Unix
Installing Snort Binaries on Linux
Installing Snort on Solaris
Installing Snort on Windows
Uninstalling Snort from Windows
Installing Snort on Mac OS X
Uninstalling Snort from Linux
Upgrading Snort on Linux
Monitoring Multiple Network Interfaces
Invisibly Tapping a Hub
Invisibly Sniffing Between Two Network Points
Invisibly Sniffing 100 MB Ethernet
Sniffing Gigabit Ethernet
Tapping a Wireless Network
Positioning Your IDS Sensors
Capturing and Viewing Packets
Logging Packets That Snort Captures
Running Snort to Detect Intrusions
Reading a Saved Capture File
Running Snort as a Linux Daemon
Running Snort as a Windows Service
Capturing Without Putting the Interface into Promiscuous Mode
Reloading Snort Settings
Debugging Snort Rules
Building a Distributed IDS (Plain Text)
Building a Distributed IDS (Encrypted)
Logging to a File Quickly
Logging to a File Quickly
Logging Only Alerts
Logging to a CSV File
Logging to a Specific File
Logging to Multiple Locations
Logging in Binary
Viewing Traffic While Logging
Logging Application Data
Logging to the Windows Event Viewer
Logging Alerts to a Database
Installing and Configuring MySQL
Configuring MySQL for Snort
Using PostgreSQL with Snort and ACID
Logging in PCAP Format (TCPDump)
Logging to Email
Logging to a Pager or Cell Phone
Optimizing Logging
Reading Unified Logged Data
Generating Real-Time Alerts
Ignoring Some Alerts
Logging to System Logfiles
Fast Logging
Logging to a Unix Socket
Not Logging
Prioritizing Alerts
Capturing Traffic from a Specific TCP Session
Killing a Specific Session
How to Build Rules
How to Build Rules
Keeping the Rules Up to Date
Basic Rules You Shouldnt Leave Home Without
Dynamic Rules
Detecting Binary Content
Detecting Malware
Detecting Viruses
Detecting IM
Detecting P2P
Detecting IDS Evasion
Countermeasures from Rules
Testing Rules
Optimizing Rules
Blocking Attacks in Real Time
Suppressing Rules
Thresholding Alerts
Excluding from Logging
Carrying Out Statistical Analysis
Detecting Stateless Attacks and Stream Reassembly
Detecting Stateless Attacks and Stream Reassembly
Detecting Fragmentation Attacks and Fragment Reassembly with Frag2
Detecting and Normalizing HTTP Traffic
Decoding Application Traffic
Detecting Port Scans and Talkative Hosts
Getting Performance Metrics
Experimental Preprocessors
Writing Your Own Preprocessor
Managing Snort Sensors
Managing Snort Sensors
Installing and Configuring IDScenter
Installing and Configuring SnortCenter
Installing and Configuring Snortsnarf
Running Snortsnarf Automatically
Installing and Configuring ACID
Securing ACID
Installing and Configuring Swatch
Installing and Configuring Barnyard
Administering Snort with IDS Policy Manager
Integrating Snort with Webmin
Administering Snort with HenWen
Newbies Playing with Snort Using EagleX
Generating Statistical Output from Snort Logs
Generating Statistical Output from Snort Logs
Generating Statistical Output from Snort Databases
Performing Real-Time Data Analysis
Generating Text-Based Log Analysis
Creating HTML Log Analysis Output
Tools for Testing Signatures
Analyzing and Graphing Logs
Analyzing Sniffed (Pcap) Traffic
Writing Output Plug-ins
Monitoring Network Performance
Monitoring Network Performance
Logging Application Traffic
Recognizing HTTP Traffic on Unusual Ports
Creating a Reactive IDS
Monitoring a Network Using Policy-Based IDS
Port Knocking
Obfuscating IP Addresses
Passive OS Fingerprinting
Working with Honeypots and Honeynets
Performing Forensics Using Snort
Snort and Investigations
Snort as Legal Evidence in the U.S.
Snort as Evidence in the U.K.
Snort as a Virus Detection Tool
Staying Legal
Index
Snort Cookbook
ISBN: 0596007914
EAN: 2147483647
Year: 2006
Pages: 167
Authors:
Angela Orebaugh
,
Simon Biles
,
Jacob Babbin
BUY ON AMAZON
MySQL Stored Procedure Programming
What Is a Stored Program?
Data Types
How MySQL Processes SQL
Conclusion
Loop Processing
Certified Ethical Hacker Exam Prep
Test PlansKeeping It Legal
Automated Assessment Tools
Study Strategies
Ethics and Legality
Appendix A. Using the ExamGear Special Edition Software
The CISSP and CAP Prep Guide: Platinum Edition
Telecommunications and Network Security
Business Continuity Planning and Disaster Recovery Planning
Legal, Regulations, Compliance, and Investigations
Physical (Environmental) Security
Appendix D The Information System Security Engineering Professional (ISSEP) Certification
Cisco IP Communications Express: CallManager Express with Cisco Unity Express
Summary
Configuring Extensions and the Dial Plan
Configuring Interconnection with Other Sites
Dialplan Pattern Configuration Problems
Troubleshooting the Database, LDAP, and Mailbox Activities
101 Microsoft Visual Basic .NET Applications
Building Windows Forms User Interfaces
Interacting with the Operating System
Advanced .NET Framework
GDI+
Coding Conventions
Mapping Hacks: Tips & Tools for Electronic Cartography
Hack 19. Analyze Elevation Profiles for Wireless Community Networks
Hack 30. Plot a Great Circle on a Flat Map
Hacks 35-46
Hack 42. Map Your Tracklogs on the Web
Hack 81. Clean Up U.S. Addresses
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies