Flylib.com
Managing Security with Snort and IDS Tools
Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors:
Christopher Gerg
,
Kerry J. Cox
BUY ON AMAZON
Managing Security with Snort and IDS Tools
Table of Contents
Copyright
Preface
Audience
About This Book
Assumptions This Book Makes
Chapter Synopsis
Conventions Used in This Book
Comments and Questions
Acknowledgments
Chapter 1. Introduction
1.1 Disappearing Perimeters
1.2 Defense-in-Depth
1.3 Detecting Intrusions (a Hierarchy of Approaches)
1.4 What Is NIDS (and What Is an Intrusion)?
1.5 The Challenges of Network Intrusion Detection
1.6 Why Snort as an NIDS?
1.7 Sites of Interest
Chapter 2. Network Traffic Analysis
2.1 The TCPIP Suite of Protocols
2.2 Dissecting a Network Packet
2.3 Packet Sniffing
2.4 Installing tcpdump
2.5 tcpdump Basics
2.6 Examining tcpdump Output
2.7 Running tcpdump
2.8 ethereal
2.9 Sites of Interest
Chapter 3. Installing Snort
3.1 About Snort
3.2 Installing Snort
3.3 Command-Line Options
3.4 Modes of Operation
Chapter 4. Know Your Enemy
4.1 The Bad Guys
4.2 Anatomy of an Attack: The Five Ps
4.3 Denial-of-Service
4.4 IDS Evasion
4.5 Sites of Interest
Chapter 5. The snort.conf File
5.1 Network and Configuration Variables
5.2 Snort Decoder and Detection Engine Configuration
5.3 Preprocessor Configurations
5.4 Output Configurations
5.5 File Inclusions
Chapter 6. Deploying Snort
6.1 Deploy NIDS with Your Eyes Open
6.2 Initial Configuration
6.3 Sensor Placement
6.4 Securing the Sensor Itself
6.5 Using Snort More Effectively
6.6 Sites of Interest
Chapter 7. Creating and Managing Snort Rules
7.1 Downloading the Rules
7.2 The Rule Sets
7.3 Creating Your Own Rules
7.4 Rule Execution
7.5 Keeping Things Up-to-Date
7.6 Sites of Interest
Chapter 8. Intrusion Prevention
8.1 Intrusion Prevention Strategies
8.2 IPS Deployment Risks
8.3 Flexible Response with Snort
8.4 The Snort Inline Patch
8.5 Controlling Your Border
8.6 Sites of Interest
Chapter 9. Tuning and Thresholding
9.1 False Positives (False Alarms)
9.2 False Negatives (Missed Alerts)
9.3 Initial Configuration and Tuning
9.4 Pass Rules
9.5 Thresholding and Suppression
Chapter 10. Using ACID as a Snort IDS Management Console
10.1 Software Installation and Configuration
10.2 ACID Console Installation
10.3 Accessing the ACID Console
10.4 Analyzing the Captured Data
10.5 Sites of Interest
Chapter 11. Using SnortCenter as a Snort IDS Management Console
11.1 SnortCenter Console Installation
11.2 SnortCenter Agent Installation
11.3 SnortCenter Management Console
11.4 Logging In and Surveying the Layout
11.5 Adding Sensors to the Console
11.6 Managing Tasks
Chapter 12. Additional Tools for Snort IDS Management
12.1 Open Source Solutions
12.2 Commercial Solutions
Chapter 13. Strategies for High-Bandwidth Implementations of Snort
13.1 Barnyard (and Sguil)
13.2 Commericial IDS Load Balancers
13.3 The IDS Distribution System (I(DS)2)
Appendix A. Snort and ACID Database Schema
A.1 acid_ag
Appendix B. The Default snort.conf File
Appendix C. Resources
C.1 From Chapter 1: Introduction
C.2 From Chapter 2: Network Traffic Analysis
C.3 From Chapter 4: Know Your Enemy
C.4 From Chapter 6: Deploying Snort
C.5 From Chapter 7: Creating and Managing Snort Rules
C.6 From Chapter 8: Intrusion Prevention
C.7 From Chapter 10: Using ACID as a Snort IDS Management Console
C.8 From Chapter 12: Additional Tools for Snort IDS Management
C.9 From Chapter 13: Strategies for High-Bandwidth Implementations of Snort
Colophon
Index
index_SYMBOL
index_A
index_B
index_C
index_D
index_E
index_F
index_G
index_H
index_I
index_J
index_K
index_L
index_M
index_N
index_O
index_P
index_Q
index_R
index_S
index_T
index_U
index_V
index_W
index_X
index_Y
Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors:
Christopher Gerg
,
Kerry J. Cox
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Welcome to DarkBASIC
Programming the Keyboard, Mouse, and Joystick
Adding Sound Effects to Your Game
Playing Intro Movies and Cut-Scenes
Multiplayer Programming The Crazy Carnage Game
WebLogic: The Definitive Guide
JDBC
Configuring JDBC Connectivity
Using CMP and EJB QL
The Providers
WebLogics SNMP Infrastructure
Mapping Hacks: Tips & Tools for Electronic Cartography
Hack 33. Georeference an Arbitrary Tourist Map
Hack 64. Mapping Local Areas of Interest with Quantum GIS
Hack 77. Become a GRASS Ninja
Hack 80. Automatically Geocode U.S. Addresses
Hack 97. Set Up an OpenGuide for Your Hometown
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Hacks 19: Introduction
Hack 13. Create a Route with a Click (or Two)
Hacks 1728: Introduction
Hack 35. Load Driving Directions into Your GPS
Hack 48. Tell Your Communitys Story
Pocket Guide to the National Electrical Code(R), 2005 Edition (8th Edition)
Article 384 Strut-Type Channel Raceway
Article 408: Switchboards and Panelboards
Article 440: Air Conditioning and Refrigerating Equipment
Example No. D4(a) Multifamily Dwelling
Example No. D4(b) Optional Calculation for Multifamily Dwelling
FileMaker 8 Functions and Scripts Desk Reference
Design Functions
Text Formatting Functions
Get(RecordNumber)
Middle()
Seconds()
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies