Security Basics mailing list archives

RE: where should I start?

From: Bénoni MARTIN <Benoni.MARTIN () libertis ga>
Date: Wed, 1 Sep 2004 09:59:24 +0100

Hi !

Ethereal is just a sniffer. Although you can specify some filters, it will NEVER check for suspicious traffic.

What I can advice to start with is... The well-known Snort (www.snort.org). I started with that some 3 years ago, and
this was really cool: you can for example look at the config files, see what kind of traffic will trigger up an alert,
and the forge such a packet ...

-----Message d'origine-----
De : chang zhu [mailto:cyz2000 () yahoo com]
Envoyé : mardi 31 août 2004 15:10
À : security-basics () securityfocus com
Objet : where should I start?

hi,all

I want to learn how to use sniffer tools such as Etherreal...but I do not know how to detect abnormal traffic...Any
advice or link will be greatly appreciated.

Thanks,

Chang

_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less
to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified
computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the
source of computer crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------

Current thread:

where should I start? chang zhu (Aug 31)
- Re: where should I start? Liran Cohen (Sep 01)
- Re: where should I start? Ravi Kumar (Sep 02)
- RE: where should I start? dave kleiman (Sep 02)
- <Possible follow-ups>
- RE: where should I start? Bénoni MARTIN (Sep 02)
- RE: where should I start? Corey LeBleu (Sep 08)