Focus on IDS
Need help/info May 20 2009 10:25PM
ubernewbie (duppyconqueror33 gmail com) (4 replies)
Re: Need help/info May 25 2009 07:57PM
Joel Esler (eslerj gmail com)
Re: Need help/info May 25 2009 06:27PM
Richard Bejtlich (taosecurity gmail com) (1 replies)
Re: Need help/info May 26 2009 11:12AM
Stephen Mullins (steve mullins work gmail com)
Re: Need help/info May 23 2009 07:12PM
Stephen Mullins (steve mullins work gmail com) (2 replies)
Re: Need help/info May 25 2009 10:19PM
Fossett, Jeff S (Fossett Jeff con-way com)
Re: Need help/info May 25 2009 08:09PM
Tyrel McMahan (tyrel tyrel pl)
Re: Need help/info May 21 2009 02:26PM
Alexandros Papadopoulos (apapadop alumni cmu edu)
On Wed, May 20, 2009 at 11:25 PM, ubernewbie <duppyconqueror33 (at) gmail (dot) com [email concealed]> wrote:
>
> I work for a small company with a hub/spoke network. I've been tasked with
> setting up an IDS(Snort) to begin monitoring security related events and
> basically build out a security program/infrastructure.  Do any of you have
> any good sites/forums that go into the process of intrusion detection.
<snip>

Well... I would first of all ask onsite help from someone who is more
experienced than this.

For a general "what is snort" article, see
http://en.wikipedia.org/wiki/Snort_(software)

For documentation on specific setups etc see http://www.snort.org/docs/

But, this is not just a point-and-click product, you need to
understand exactly what you're trying to achieve, what the threats are
and what your response will be when you get an alert...

Cheers

-A

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus