Managing Security with Snort and IDS Tools
ISBN: 0596006616
EAN: 2147483647
Year: 2006
Pages: 136
Authors: Christopher Gerg, Kerry J. Cox
Table of Contents
Copyright
Preface
Audience
About This Book
Assumptions This Book Makes
Chapter Synopsis
Conventions Used in This Book
Comments and Questions
Acknowledgments
Chapter 1. Introduction
1.1 Disappearing Perimeters
1.2 Defense-in-Depth
1.3 Detecting Intrusions (a Hierarchy of Approaches)
1.4 What Is NIDS (and What Is an Intrusion)?
1.5 The Challenges of Network Intrusion Detection
1.6 Why Snort as an NIDS?
1.7 Sites of Interest
Chapter 2. Network Traffic Analysis
2.1 The TCP/IP Suite of Protocols
2.2 Dissecting a Network Packet
2.3 Packet Sniffing
2.4 Installing tcpdump
2.5 tcpdump Basics
2.6 Examining tcpdump Output
2.7 Running tcpdump
2.8 ethereal
2.9 Sites of Interest
Chapter 3. Installing Snort
3.1 About Snort
3.2 Installing Snort
3.3 Command-Line Options
3.4 Modes of Operation
Chapter 4. Know Your Enemy
4.1 The Bad Guys
4.2 Anatomy of an Attack: The Five Ps
4.3 Denial-of-Service
4.4 IDS Evasion
4.5 Sites of Interest
Chapter 5. The snort.conf File
5.1 Network and Configuration Variables
5.2 Snort Decoder and Detection Engine Configuration
5.3 Preprocessor Configurations
5.4 Output Configurations
5.5 File Inclusions
Chapter 6. Deploying Snort
6.1 Deploy NIDS with Your Eyes Open
6.2 Initial Configuration
6.3 Sensor Placement
6.4 Securing the Sensor Itself
6.5 Using Snort More Effectively
6.6 Sites of Interest
Chapter 7. Creating and Managing Snort Rules
7.1 Downloading the Rules
7.2 The Rule Sets
7.3 Creating Your Own Rules
7.4 Rule Execution
7.5 Keeping Things Up-to-Date
7.6 Sites of Interest
Chapter 8. Intrusion Prevention
8.1 Intrusion Prevention Strategies
8.2 IPS Deployment Risks
8.3 Flexible Response with Snort
8.4 The Snort Inline Patch
8.5 Controlling Your Border
8.6 Sites of Interest
Chapter 9. Tuning and Thresholding
9.1 False Positives (False Alarms)
9.2 False Negatives (Missed Alerts)
9.3 Initial Configuration and Tuning
9.4 Pass Rules
9.5 Thresholding and Suppression
Chapter 10. Using ACID as a Snort IDS Management Console
10.1 Software Installation and Configuration
10.2 ACID Console Installation
10.3 Accessing the ACID Console
10.4 Analyzing the Captured Data
10.5 Sites of Interest
Chapter 11. Using SnortCenter as a Snort IDS Management Console
11.1 SnortCenter Console Installation
11.2 SnortCenter Agent Installation
11.3 SnortCenter Management Console
11.4 Logging In and Surveying the Layout
11.5 Adding Sensors to the Console
11.6 Managing Tasks
Chapter 12. Additional Tools for Snort IDS Management
12.1 Open Source Solutions
12.2 Commercial Solutions
Chapter 13. Strategies for High-Bandwidth Implementations of Snort
13.1 Barnyard (and Sguil)
13.2 Commercial IDS Load Balancers
13.3 The IDS Distribution System (I(DS)2)
Appendix A. Snort and ACID Database Schema
A.1 acid_ag
Appendix B. The Default snort.conf File
Appendix C. Resources
C.1 From Chapter 1: Introduction
C.2 From Chapter 2: Network Traffic Analysis
C.3 From Chapter 4: Know Your Enemy
C.4 From Chapter 6: Deploying Snort
C.5 From Chapter 7: Creating and Managing Snort Rules
C.6 From Chapter 8: Intrusion Prevention
C.7 From Chapter 10: Using ACID as a Snort IDS Management Console
C.8 From Chapter 12: Additional Tools for Snort IDS Management
C.9 From Chapter 13: Strategies for High-Bandwidth Implementations of Snort
Colophon
Index