Security Basics mailing list archives

Re: Best way to look for Worms/Malware


From: Todd Haverkos <infosec () haverkos com>
Date: Sat, 11 Sep 2010 10:34:51 -0500

Henri Salo <henri () nerv fi> writes:

On Mon, 8 Feb 2010 11:52:34 -0700
dhamm () cinci rr com wrote:

While this might be a question for the IDS mailing list, I think it
is a good Security Basics question too, as I am sure many of us
getting into Security will have a similar question. I have a client
that wants to get an idea whether or not there is anything roaming on
the background on the network. He is running on an older non managed
switch network, and wants to know what would be a good way to set up
some kind of detector, besides having patching and anti virus. So my
question is, should he setup an IDS of some kind, preferably
something that can be setup quickly, with the understanding that he
wants to setup a more permanent IDS solution in the near future. Or
should he do some sort of IDS/Honeypot combination?  Any suggestions
would be appreciated. 

Thanks,
David Hamm

My suggestions: nmap, snort and nepenthes

http://nmap.org/
http://www.snort.org/
http://nepenthes.carnivore.it/

Snort is a very good suggestion.  He'll need to get all network traffic
to it, however, so his existing switch may not have a span port. 


--
Todd Haverkos, LPT MsCompE
http://haverkos.com/
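The thread recommends an IDS (Snort) and a honeypot (nepenthes) for spotting worm-like activity on the network, and notes that the sensor only works if the traffic actually reaches it. The following is an added example, not code from the thread or from any of the projects named in it: a small, self-contained detector over flow records that implements the heuristic a network IDS would apply to the "anything roaming in the background" question, namely one source contacting an unusually large number of distinct hosts on the same destination port inside a short window. The flow records, the 10.0.0.0/24 addresses, the 10-host threshold and the 60-second window are all constructed assumptions chosen for illustration; on a real network the records would come from a span/tap port feed, a flow exporter, or the IDS's own logs.

```python
"""Flag worm-style sweeps in flow records (added example, not from the thread).

A flow record is (timestamp, src_ip, dst_ip, dst_port). A source that reaches
at least `threshold` distinct destinations on one port within `window_seconds`
is reported as a likely scanner. The sample data below is constructed.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample flows (assumption: a 10.0.0.0/24 LAN, addresses invented).
# 10.0.0.5 sweeps twelve hosts on TCP/445 within ~22 seconds; the other hosts
# show ordinary, low fan-out traffic.
SAMPLE_FLOWS = [
    ("2010-09-11 10:00:%02d" % (2 * i), "10.0.0.5", "10.0.0.%d" % (20 + i), 445)
    for i in range(12)
] + [
    ("2010-09-11 10:00:05", "10.0.0.7", "10.0.0.1", 80),
    ("2010-09-11 10:00:09", "10.0.0.7", "10.0.0.1", 80),
    ("2010-09-11 10:00:15", "10.0.0.7", "10.0.0.2", 443),
    ("2010-09-11 10:00:40", "10.0.0.9", "10.0.0.3", 22),
]


def _parse_ts(ts):
    """Timestamps in the constructed records use a fixed 'YYYY-mm-dd HH:MM:SS' layout."""
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")


def detect_scanners(flows, threshold=10, window_seconds=60):
    """Return {(src_ip, dst_port): peak_distinct_destinations} for every
    (source, port) pair whose distinct-destination count within any
    `window_seconds` sliding window reaches `threshold`."""
    per_key = defaultdict(list)
    for ts, src, dst, dport in flows:
        per_key[(src, dport)].append((_parse_ts(ts), dst))

    window = timedelta(seconds=window_seconds)
    alerts = {}
    for key, events in per_key.items():
        events.sort()                # sweep in time order
        in_window = Counter()        # distinct destinations currently in the window
        left = 0
        peak = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Drop events that have fallen out of the window behind `ts`.
            while ts - events[left][0] > window:
                old_dst = events[left][1]
                in_window[old_dst] -= 1
                if in_window[old_dst] == 0:
                    del in_window[old_dst]
                left += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            alerts[key] = peak
    return alerts


def format_alerts(alerts):
    """Render alerts as one log-style line per (source, port), sorted for stable output."""
    return [
        "SCAN src=%s dport=%d distinct_dsts=%d" % (src, dport, count)
        for (src, dport), count in sorted(alerts.items())
    ]


if __name__ == "__main__":
    for line in format_alerts(detect_scanners(SAMPLE_FLOWS)):
        print(line)
```

The threshold and window are the knobs to tune against the client's normal traffic: a file server or backup host legitimately reaches many peers, so a whitelist of known high fan-out sources keeps the alert count useful. A slow scanner that paces its probes wider than the window goes unreported, which is the same trade-off a real IDS makes between sensitivity and false positives.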
