Search:

Type: Posts; User: bodhi.zazen; Keyword(s):

Search: Search took 0.04 seconds.

  1. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Where to go from here

    Snort rules

    Understanding and managing snort rules / alerts takes some time and experience.

    Log into base. Chances are you will see one or more alerts.

    Click on the...
  2. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    - Testing snort -

    Despite all I have told you , if you still wish to test snort , lets make some noise ...

    If you installed Base, log in to the web interface as above.

    On the home page you...
  3. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    so_rules

    See : http://www.snort.org/snort-rules/about-so_rules

    To add these rules you will need to download the current snort rules and performs some additional configuration.

    When you...
  4. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Update Snort Rules

    There are basically two ways to update your snort rules.

    You must register with snort (on the website) to obtain an updated set of rules.

    Download Snort Rules

    Please...
  5. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Install && Configure base

    BASE is a web based graphical front end for snort alerts.

    About BASE
    BASE screen shots

    Download and extract BASE
  6. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Configure postgresql and snort

    Configure postgresql

    First we shall make a database for snort. As you proceed with the configuration you might wish to use alternate database names, database...
  7. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Install snort + postgresql + Apache

    The following command will install snort, apache, php5, and postgresql as well as dependencies and some goodies such as oinkmaster.

    Automatic configuration...
  8. Sticky: [all variants] Re: Network Intrusion Detection Systems (Snort)

    Useful commands / Alternates to snort

    This post serves as a very brief overview of useful commands.

    PSAD may be a viable alternate to snort.

    NMAP

    NMAP "beginners" tutorial
  9. Sticky: [all variants] Network Intrusion Detection Systems (Snort)

    Intro - What is snort and who should use it ?

    Snort is a NIDS tool. NIDS tools monitor network traffic for suspicious activity. While there are other tools (system (firewall) logs, wireshark,...
Results 1 to 9 of 9