Working with/Setting up IDS (Papers)

["David Vertie" <verticalrave () hotmail com>]

Hey there,
For those interested in setting up IDS/learning more about IDS, here are 
several guides that are on the Web that may help in the endeavour.

Feel free to reply and add more guides you have found in the past that were 
useful.

Many of the below stated are pdf documents (Adobe Acrobat)

The IDS deployment provides extensive documentation on setting up Snort (a 
very popular IDS) in various configurations, including spanning with 
100/1000 ports which many list members have taken interest in lately.

http://www.snort.org/docs/

CERT itself has an article on IDS and its usefulness

"Defending Yourself: The Role of Intrusion Detection Systems"
http://www.cert.org/archive/pdf/IEEE_IDS.pdf

"Intrusion Detection: Implementation and Operation Issues"
http://www.stsc.hill.af.mil/crosstalk/2001/01/mchugh.html


These papers should greatly assist many people on the list, those who have 
been asking questions/or watching the list on intrusion detection.

Good luck in your IDS endeavors.






_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail


-----------------------------------------------------------
ALERT: Exploiting Web Applications- A Step-by-Step Attack Analysis
Learn why 70% of today's successful hacks involve Web Application
attacks such as: SQL Injection, XSS, Cookie Manipulation and Parameter 
Manipulation.
http://www.spidynamics.com/mktg/webappsecurity71