IDS mailing list archives

Re: Need help/info

From: Alexandros Papadopoulos <apapadop () alumni cmu edu>
Date: Thu, 21 May 2009 15:26:21 +0100

On Wed, May 20, 2009 at 11:25 PM, ubernewbie <duppyconqueror33 () gmail com> wrote:


I work for a small company with a hub/spoke network. I've been tasked with
setting up an IDS(Snort) to begin monitoring security related events and
basically build out a security program/infrastructure.  Do any of you have
any good sites/forums that go into the process of intrusion detection.

<snip>

Well... I would first of all ask onsite help from someone who is more
experienced than this.

For a general "what is snort" article, see
http://en.wikipedia.org/wiki/Snort_(software)

For documentation on specific setups etc see http://www.snort.org/docs/

But, this is not just a point-and-click product, you need to
understand exactly what you're trying to achieve, what the threats are
and what your response will be when you get an alert...

Cheers

-A

Current thread:

Need help/info ubernewbie (May 21)
- Re: Need help/info Alexandros Papadopoulos (May 21)
- Re: Need help/info Stephen Mullins (May 25)
  - Re: Need help/info Tyrel McMahan (May 25)
  - Re: Need help/info Fossett, Jeff S (May 26)
- Re: Need help/info Richard Bejtlich (May 25)
  - Re: Need help/info Stephen Mullins (May 26)
- Re: Need help/info Joel Esler (May 25)