Home > Snort configuration -- Conclusion
Snort IDS tips for VARs and systems integrators:
EMAIL THIS LICENSING & REPRINTS

Snort configuration -- Conclusion

25 Jan 2007 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

In the next Snort Report we will see what sorts of activity Snort might detect given this limited configuration. In the Snort Report that follows we will explore Snort's new dynamic preprocessors (FTP, TELNET, SMTP, SSH, DCE-RPC and DNS) by adding them to the configuration file.


Snort: Understanding the configuration file

 Introduction: Upgrade to Snort 2.6.1.2
 The snort.conf file
 Defining IP ranges of interest
 Defining ports of interest
 Core preprocessors
 Non-dynamic preprocessors
 Conclusion

About the author
Richard Bejtlich is founder of TaoSecurity, author of several books on network security monitoring, including Extrusion Detection: Security Monitoring for Internal Intrusions, and operator of the TaoSecurity blog.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts