Security Basics mailing list archives
RE: where should I start?
From: "Corey LeBleu" <coreylebleu () hotmail com>
Date: Fri, 03 Sep 2004 14:23:53 -0500
Might want to check out tcpdump to learn how to read traffic. You can write filters for it and it's a much more raw tool... you'll learn more. Good luck.
From: Bénoni MARTIN <Benoni.MARTIN () libertis ga>
To: "chang zhu" <cyz2000 () yahoo com>, <security-basics () securityfocus com>
Subject: RE: where should I start?
Date: Wed, 1 Sep 2004 09:59:24 +0100

Hi!

Ethereal is just a sniffer. Although you can specify some filters, it will NEVER check for suspicious traffic.

What I can advise to start with is... the well-known Snort (www.snort.org). I started with that some 3 years ago, and this was really cool: you can for example look at the config files, see what kind of traffic will trigger up an alert, and then forge such a packet ...

-----Original Message-----
From: chang zhu [mailto:cyz2000 () yahoo com]
Sent: Tuesday, 31 August 2004 15:10
To: security-basics () securityfocus com
Subject: where should I start?

hi, all

I want to learn how to use sniffer tools such as Ethereal...but I do not know how to detect abnormal traffic...

Any advice or link will be greatly appreciated.

Thanks,
Chang

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
Current thread:
- where should I start? chang zhu (Aug 31)
- Re: where should I start? Liran Cohen (Sep 01)
- Re: where should I start? Ravi Kumar (Sep 02)
- RE: where should I start? dave kleiman (Sep 02)
- <Possible follow-ups>
- RE: where should I start? Bénoni MARTIN (Sep 02)
- RE: where should I start? Corey LeBleu (Sep 08)