Home > Snort Technical Guide
Technical Guide:
EMAIL THIS LICENSING & REPRINTS

Snort Technical Guide

26 Jul 2005

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

To paraphrase Bruce Schneier, banks do not depend solely on vaults to keep their assets safe; they also employ detection and response mechanisms in the form of alarms and guards. Your network, or more properly the data on it, is one of the most important assets your company has. You already protect it with a vault -- your firewall, and logical and physical perimeter security. But if you don't have alarms (intrusion-detection systems) and guards (incident response), you are not as secure as you could be.

Arguably one of the best network intrusion-detection systems (NIDS) is the free and open source Snort package. It has a large and active community, and is backed by the commercial company SourceFire, making Snort a strong contender in the NIDS market. The package itself is free. All that's required is some hardware to run it on and the time to install, configure and maintain it. Snort runs on any modern operating system (including Windows and Linux), but some consider it to be complicated to operate. The goal of this guide is to take some of the mystery out of Snort.


SNORT TECHNICAL GUIDE

  Why Snort makes IDS worth the time and effort
  How to identify ports
  How to deal with switches and segments
  Where to place IDS sensors
  What OS to use for Snort sensors
  How to determine how many interfaces a sensor needs
  How to modify and write custom Snort rules
  How to define Snort's configuration variables
  Where to find Snort rules
  How to automatically update Snort rules
  How to decipher the Oinkcode
  How to verify that Snort is operating

ABOUT THE AUTHOR:
JP Vossen, CISSP, is a Senior Security Engineer for Counterpane Internet Security. He is involved with various open source projects including Snort, and has previously worked as an information security consultant and systems engineer.




Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Open Source Security Tools
Using Nessus Attack Scripting Language (NASL) to find application vulnerabilities
What are best practices for creating an IDS and maintaining a signature database?
How to install and configure Nessus
How to run a Nessus system scan
Nessus: Vulnerability scanning in the enterprise
Nessus 3 Tutorial
Screencasts: On-screen demonstrations of today's IT tools
Screencast: An introduction to the Open Source Security Testing Methodology Manual (OSSTMM)
Ophcrack: Password cracking made easy
Will Cisco's plan to open access to the IOS improve network security?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
Back Orifice  (SearchSecurity.com)
Blowfish  (SearchSecurity.com)
Kermit  (SearchSecurity.com)
Open Source Hardening Project  (SearchSecurity.com)
Snort  (SearchSecurity.com)
SnortSnarf  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts