Re: Need help/infoMay 25 2009 06:27PM Richard Bejtlich (taosecurity gmail com) (1 replies)
Re: Need help/infoMay 26 2009 11:12AM Stephen Mullins (steve mullins work gmail com)
Re: Need help/infoMay 23 2009 07:12PM Stephen Mullins (steve mullins work gmail com) (2 replies)
All of the information you need is available on the web. Just google
your way through this. At the end of it all you should be pretty well
versed in Snort and associated tasks (sensor placement etc.).
Have fun with it. I'm a little envious that you get to do this
security build out from scratch. I have resorted to deploying Snort
on my home network to get that experience. If you aren't set on an
analysis front end yet I suggest Sguil, of which I am a big fan.
Steve Mullins
On Wed, May 20, 2009 at 6:25 PM, ubernewbie <duppyconqueror33 (at) gmail (dot) com [email concealed]> wrote:
>
> I work for a small company with a hub/spoke network. I've been tasked with
> setting up an IDS(Snort) to begin monitoring security related events and
> basically build out a security program/infrastructure. Do any of you have
> any good sites/forums that go into the process of intrusion detection. I can
> get the alerts from snort but there are so many that it it's hard to make
> heads or tails. I'm looking for ideas on what to look for and what to pay
> specific attention to. Also any good websites that alert/explain new
> vulnerabilities would be great. Any help would be appreciated.
> --
> View this message in context: http://www.nabble.com/Need-help-info-tp23644667p23644667.html
> Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com.
>
>
>
>
your way through this. At the end of it all you should be pretty well
versed in Snort and associated tasks (sensor placement etc.).
Have fun with it. I'm a little envious that you get to do this
security build out from scratch. I have resorted to deploying Snort
on my home network to get that experience. If you aren't set on an
analysis front end yet I suggest Sguil, of which I am a big fan.
Steve Mullins
On Wed, May 20, 2009 at 6:25 PM, ubernewbie <duppyconqueror33 (at) gmail (dot) com [email concealed]> wrote:
>
> I work for a small company with a hub/spoke network. I've been tasked with
> setting up an IDS(Snort) to begin monitoring security related events and
> basically build out a security program/infrastructure. Do any of you have
> any good sites/forums that go into the process of intrusion detection. I can
> get the alerts from snort but there are so many that it it's hard to make
> heads or tails. I'm looking for ideas on what to look for and what to pay
> specific attention to. Also any good websites that alert/explain new
> vulnerabilities would be great. Any help would be appreciated.
> --
> View this message in context: http://www.nabble.com/Need-help-info-tp23644667p23644667.html
> Sent from the IDS (Intrusion Detection System) mailing list archive at Nabble.com.
>
>
>
>
[ reply ]