Security Basics mailing list archives
Re: starting point
From: Alexandros Papadopoulos <apapadop () alumni cmu edu>
Date: Tue, 18 Apr 2006 17:21:46 +0300
On Friday 14 April 2006 10:30, nemanja.janic () gmail com wrote: <snip>
look for, and i'm not sure how to interpret what i see. Where do i start, what papers or books do i read, in order to better understand what Ethereal tells me when i look at the results of monitoring. I played with filters, and have grown comfortable with using them, as well as most of the options Ethereal gives me. I think i'm ready for
TCP/IP Illustrated, Volume 1 - Stevens Will explain everything there is to see in a standard IPv4 network.
the next step :) Any pointers to interesting filter strings, examples of normal and strange traffic would really be a great help.
<snip> I think you're touching on the notion of a network IDS here. Have a look at snort. -A ------------------------------------------------------------------------- This List Sponsored by: Webroot Don't leave your confidential company and customer records un-protected. Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no obligation. See why so many companies trust Spy Sweeper Enterprise to eradicate spyware from their networks. FREE 30-Day Trial of Spy Sweeper Enterprise http://www.webroot.com/forms/enterprise_lead.php --------------------------------------------------------------------------
Current thread:
- starting point nemanja . janic (Apr 17)
- Re: starting point Kevin Johnson (Apr 18)
- RE: starting point Murad Talukdar (Apr 19)
- Re: starting point Alexandros Papadopoulos (Apr 18)
- Re: starting point Kevin Johnson (Apr 18)