Flylib.com
Managing Security with Snort and IDS Tools
Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors:
Christopher Gerg
,
Kerry J. Cox
BUY ON AMAZON
Managing Security with Snort and IDS Tools
Table of Contents
Copyright
Preface
Audience
About This Book
Assumptions This Book Makes
Chapter Synopsis
Conventions Used in This Book
Comments and Questions
Acknowledgments
Chapter 1. Introduction
1.1 Disappearing Perimeters
1.2 Defense-in-Depth
1.3 Detecting Intrusions (a Hierarchy of Approaches)
1.4 What Is NIDS (and What Is an Intrusion)?
1.5 The Challenges of Network Intrusion Detection
1.6 Why Snort as an NIDS?
1.7 Sites of Interest
Chapter 2. Network Traffic Analysis
2.1 The TCPIP Suite of Protocols
2.2 Dissecting a Network Packet
2.3 Packet Sniffing
2.4 Installing tcpdump
2.5 tcpdump Basics
2.6 Examining tcpdump Output
2.7 Running tcpdump
2.8 ethereal
2.9 Sites of Interest
Chapter 3. Installing Snort
3.1 About Snort
3.2 Installing Snort
3.3 Command-Line Options
3.4 Modes of Operation
Chapter 4. Know Your Enemy
4.1 The Bad Guys
4.2 Anatomy of an Attack: The Five Ps
4.3 Denial-of-Service
4.4 IDS Evasion
4.5 Sites of Interest
Chapter 5. The snort.conf File
5.1 Network and Configuration Variables
5.2 Snort Decoder and Detection Engine Configuration
5.3 Preprocessor Configurations
5.4 Output Configurations
5.5 File Inclusions
Chapter 6. Deploying Snort
6.1 Deploy NIDS with Your Eyes Open
6.2 Initial Configuration
6.3 Sensor Placement
6.4 Securing the Sensor Itself
6.5 Using Snort More Effectively
6.6 Sites of Interest
Chapter 7. Creating and Managing Snort Rules
7.1 Downloading the Rules
7.2 The Rule Sets
7.3 Creating Your Own Rules
7.4 Rule Execution
7.5 Keeping Things Up-to-Date
7.6 Sites of Interest
Chapter 8. Intrusion Prevention
8.1 Intrusion Prevention Strategies
8.2 IPS Deployment Risks
8.3 Flexible Response with Snort
8.4 The Snort Inline Patch
8.5 Controlling Your Border
8.6 Sites of Interest
Chapter 9. Tuning and Thresholding
9.1 False Positives (False Alarms)
9.2 False Negatives (Missed Alerts)
9.3 Initial Configuration and Tuning
9.4 Pass Rules
9.5 Thresholding and Suppression
Chapter 10. Using ACID as a Snort IDS Management Console
10.1 Software Installation and Configuration
10.2 ACID Console Installation
10.3 Accessing the ACID Console
10.4 Analyzing the Captured Data
10.5 Sites of Interest
Chapter 11. Using SnortCenter as a Snort IDS Management Console
11.1 SnortCenter Console Installation
11.2 SnortCenter Agent Installation
11.3 SnortCenter Management Console
11.4 Logging In and Surveying the Layout
11.5 Adding Sensors to the Console
11.6 Managing Tasks
Chapter 12. Additional Tools for Snort IDS Management
12.1 Open Source Solutions
12.2 Commercial Solutions
Chapter 13. Strategies for High-Bandwidth Implementations of Snort
13.1 Barnyard (and Sguil)
13.2 Commericial IDS Load Balancers
13.3 The IDS Distribution System (I(DS)2)
Appendix A. Snort and ACID Database Schema
A.1 acid_ag
Appendix B. The Default snort.conf File
Appendix C. Resources
C.1 From Chapter 1: Introduction
C.2 From Chapter 2: Network Traffic Analysis
C.3 From Chapter 4: Know Your Enemy
C.4 From Chapter 6: Deploying Snort
C.5 From Chapter 7: Creating and Managing Snort Rules
C.6 From Chapter 8: Intrusion Prevention
C.7 From Chapter 10: Using ACID as a Snort IDS Management Console
C.8 From Chapter 12: Additional Tools for Snort IDS Management
C.9 From Chapter 13: Strategies for High-Bandwidth Implementations of Snort
Colophon
Index
index_SYMBOL
index_A
index_B
index_C
index_D
index_E
index_F
index_G
index_H
index_I
index_J
index_K
index_L
index_M
index_N
index_O
index_P
index_Q
index_R
index_S
index_T
index_U
index_V
index_W
index_X
index_Y
Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors:
Christopher Gerg
,
Kerry J. Cox
BUY ON AMAZON
Kanban Made Simple: Demystifying and Applying Toyotas Legendary Manufacturing Process
Auditing the Kanban
Improving the Kanban
Appendix A MRP vs. Kanban
Appendix E EOQ vs. Kanban
Appendix H Case Study 1: Motor Plant Casting Kanban
Systematic Software Testing (Artech House Computer Library)
Test Execution
The Software Tester
Appendix C IEEE Templates
Appendix D Sample Master Test Plan
Appendix E Simplified Unit Test Plan
Developing Tablet PC Applications (Charles River Media Programming)
Your First Windows Forms Application
Obtaining the Tablet PC SDK
Creating an MP3 Player
Power Management for the Tablet PC
Tablet Fax
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Hack 9. Use del.icio.us to Keep Up with Google Maps
Hack 14. Create Custom Map Markers
Hack 25. Track Your UPS Packages
Hack 46. Browse Photography by Shooting Location
Hack 48. Tell Your Communitys Story
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
Planning a Structured Wiring Installation
Home Lighting Devices
Troubleshooting and Maintaining Lighting Control Systems
Home Communication System Basics
Designing a Home Security System
Java Concurrency in Practice
Guarding State with Locks
Liveness and Performance
Safe Publication
Why are GUIs Single-threaded?
Explicit Locks
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies