IDS mailing list archives
Re: Need help/info
From: "Fossett, Jeff S" <Fossett.Jeff () con-way com>
Date: Mon, 25 May 2009 15:19:51 -0700
Another great book on Snort and Ethereal is "Hack the Stack". It is from a whitehat/CEH perspective.

On May 25, 2009, at 11:01 AM, "Stephen Mullins" <steve.mullins.work () gmail com> wrote:

All of the information you need is available on the web. Just google your way through this. At the end of it all you should be pretty well versed in Snort and associated tasks (sensor placement etc.).

Have fun with it. I'm a little envious that you get to do this security build out from scratch. I have resorted to deploying Snort on my home network to get that experience.

If you aren't set on an analysis front end yet I suggest Sguil, of which I am a big fan.

Steve Mullins

On Wed, May 20, 2009 at 6:25 PM, ubernewbie <duppyconqueror33 () gmail com> wrote:

I work for a small company with a hub/spoke network. I've been tasked with setting up an IDS (Snort) to begin monitoring security-related events and basically build out a security program/infrastructure. Do any of you have any good sites/forums that go into the process of intrusion detection? I can get the alerts from Snort but there are so many that it's hard to make heads or tails. I'm looking for ideas on what to look for and what to pay specific attention to. Also any good websites that alert/explain new vulnerabilities would be great. Any help would be appreciated.

--
View this message in context: http://www.nabble.com/Need-help-info-tp23644667p23644667.html
Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com.