Re: Need help/info

["Fossett, Jeff S" <Fossett.Jeff () con-way com>]

Another great book on Snort and Ethereal is "Hack the Stack".  It is  
from a whitehat/CEH perspective.



On May 25, 2009, at 11:01 AM, "Stephen Mullins" <steve.mullins.work () gmail com 
> wrote:

> All of the information you need is available on the web.  Just google
> your way through this.  At the end of it all you should be pretty well
> versed in Snort and associated tasks (sensor placement etc.).
>
> Have fun with it.  I'm a little envious that you get to do this
> security build out from scratch.  I have resorted to deploying Snort
> on my home network to get that experience.  If you aren't set on an
> analysis front end yet I suggest Sguil, of which I am a big fan.
>
> Steve Mullins
>
> On Wed, May 20, 2009 at 6:25 PM, ubernewbie <duppyconqueror33 () gmail com 
> > wrote:
> >
> > I work for a small company with a hub/spoke network. I've been  
> > tasked with
> > setting up an IDS(Snort) to begin monitoring security related  
> > events and
> > basically build out a security program/infrastructure.  Do any of  
> > you have
> > any good sites/forums that go into the process of intrusion  
> > detection. I can
> > get the alerts from snort but there are so many that it it's hard  
> > to make
> > heads or tails. I'm looking for ideas on what to look for and what  
> > to pay
> > specific attention to.  Also any good websites that alert/explain new
> > vulnerabilities would be great. Any help would be appreciated.
> > --
> > View this message in context: http://www.nabble.com/Need-help-info-tp23644667p23644667.html
> > Sent from the IDS (Intrusion Detection System) mailing list archive  
> > at Nabble.com.