Snort IDS tips for VARs and systems integrators:

Snort Report

11 Jul 2007 | by Richard Bejtlich


Every month Richard Bejtlich, founder of TaoSecurity and intrusion detection expert, shows value-added resellers (VARs) and systems integrators how to use the open source IDS Snort. Bookmark this page and come back often for new tips.

  • Snort IDS installation basics and tips for security resellers
    Tips on the productive use of Snort, with details on running the open source IDS/IPS in sniffer, packet logger and intrusion detection modes.

  • Snort IDS upgrade and tips on the Snort.conf file
    Details on upgrading to Snort 2.6.1.2 and a discussion of the functions enabled by default in the snort.conf file, such as IP ranges, ports of interest and preprocessors.

  • Detect events without Snort IDS rules
    Learn what events you can detect when running a basic snort.conf configuration file.

  • Understand the Snort IDS Concurrent Versions System (CVS) and 2.7 Beta 1 installation
    Learn about the new preprocessor in the Beta 1 version of Snort and how to protect against vulnerabilities prior to the release of Snort Beta 2 by using the Snort Concurrent Versions System (CVS).

  • Snort IDS rules
    Familiarize yourself with Sourcefire and Bleeding Edge Threats (BET) Snort rules.

  • Output options for Snort data
    Output options are necessary to produce meaningful Snort data. Learn the capabilities and limitations of different features.

  • Working with unified output
    You can improve Snort's performance by using unified output. This tip demonstrates how to use Barnyard, a popular unified output reader.



    All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy