Our Snort Report tip series helps value-added resellers and systems integrators troubleshoot and configure the open source intrusion detection system on clients' networks. Check out our five most popular tips from expert Richard Bejtlich, ranging from setting up the IDS to upgrading it.
TIP #1-----------------------------------------------------------------------
Snort IDS installation basics and tips for security resellers
Snort can be immensely helpful with the prevention of intrusions on your clients' networks. Learn how to install the intrusion detection system and utilize it to its fullest capacity.
TIP #2-----------------------------------------------------------------------
Snort IDS upgrade and tips on the Snort.conf file
Check out this tip for details on the Snort 2.6.1.2 upgrade and snort.conf file functions enabled by default, such as IP ranges, ports of interest and preprocessors.
TIP #3-----------------------------------------------------------------------
Output options for Snort data
Without output options, VARs can't produce Snort data in a meaningful manner. Learn the capabilities and limitations of different features.
TIP #4-----------------------------------------------------------------------
How to test Snort
As a value-added reseller or service provider, you may need to test Snort to ensure that the open source IDS is detecting malicious activity on your client's network or to determine how the custom rule you wrote will impact Snort's performance. Learn the best practices for testing Snort.
TIP #5-----------------------------------------------------------------------
Snort IDS rules
Familiarize yourself with Snort IDS rules best practices in this edition of Snort Report, which includes a discussion on Sourcefire and Bleeding Edge Threats (BET) rules.
