Snort Cookbook: Solutions and Examples for Snort Administrators
If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way t...
Main author: | |
---|---|
Other authors: | |
Format: | E-book |
Language: | English |
Published: | Sebastopol, California : O'Reilly Media, 2005. |
Edition: | First edition |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627127706719 |

Table of Contents:
- Snort Cookbook; Contents of This Book; Conventions Used in This Book; Using Code Examples; Safari Enabled; How to Contact Us; Acknowledgments; Simon Biles; Jake Babbin; 1. Installation and Optimization; 1.1. Installing Snort from Source on Unix; Solution; Discussion; See Also; 1.2. Installing Snort Binaries on Linux; Solution; Discussion; See Also; 1.3. Installing Snort on Solaris; Solution; Discussion; See Also; 1.4. Installing Snort on Windows; Solution; Discussion; See Also; 1.5. Uninstalling Snort from Windows; Solution; Discussion; See Also; 1.6. Installing Snort on Mac OS X; Solution
- Discussion; See Also; 1.7. Uninstalling Snort from Linux; Solution; Discussion; See Also; 1.8. Upgrading Snort on Linux; Solution; Discussion; See Also; 1.9. Monitoring Multiple Network Interfaces; Solution; Discussion; See Also; 1.10. Invisibly Tapping a Hub; Solution; Discussion; See Also; 1.11. Invisibly Sniffing Between Two Network Points; Solution; Discussion; See Also; 1.12. Invisibly Sniffing 100 MB Ethernet; Solution; Discussion; See Also; 1.13. Sniffing Gigabit Ethernet; Solution; Discussion; See Also; 1.14. Tapping a Wireless Network; Solution; Discussion; See Also
- 1.15. Positioning Your IDS Sensors; Solution; Discussion; Medium-sized business; Larger organizations; See Also; 1.16. Capturing and Viewing Packets; Solution; Discussion; See Also; 1.17. Logging Packets That Snort Captures; Solution; Discussion; See Also; 1.18. Running Snort to Detect Intrusions; Solution; Discussion; See Also; 1.19. Reading a Saved Capture File; Solution; Discussion; See Also; 1.20. Running Snort as a Linux Daemon; Solution; See Also; 1.21. Running Snort as a Windows Service; Solution; Discussion; See Also; 1.22. Capturing Without Putting the Interface into Promiscuous Mode
- Solution; Discussion; See Also; 1.23. Reloading Snort Settings; Solution; Discussion; See Also; 1.24. Debugging Snort Rules; Solution; Discussion; See Also; 1.25. Building a Distributed IDS (Plain Text); Solution; Discussion; Server side; See Also; 1.26. Building a Distributed IDS (Encrypted); Solution; Encryption only; Server side; Discussion; See Also; 2. Logging, Alerts, and Output Plug-ins; 2.1. Logging to a File Quickly; Solution; Discussion; See Also; 2.2. Logging Only Alerts; Solution; Discussion; See Also; 2.3. Logging to a CSV File; Solution; Discussion; See Also
- 2.4. Logging to a Specific File; Solution; Discussion; See Also; 2.5. Logging to Multiple Locations; Solution; Discussion; See Also; 2.6. Logging in Binary; Solution; Discussion; See Also; 2.7. Viewing Traffic While Logging; Solution; Discussion; See Also; 2.8. Logging Application Data; Solution; Discussion; See Also; 2.9. Logging to the Windows Event Viewer; Solution; Discussion; See Also; 2.10. Logging Alerts to a Database; Solution; Discussion; See Also; 2.11. Installing and Configuring MySQL; Solution; Discussion; See Also; 2.12. Configuring MySQL for Snort; Solution; Discussion; See Also
- 2.13. Using PostgreSQL with Snort and ACID