Using Snort v1.8 with SnortSnarf on a RedHat Linux System
To implement system and network security effectively, a multi-pronged approach should be used. Proper security policies, firewalls, proxy servers, sufficiently complex passwords and intrusion detection systems, layered together, help form one of the bedrock principles of security: defense in depth. The purpose of defense in depth is to prevent inherent and unknown flaws in the deployed technologies from allowing unauthorized access into a system or server. The job of an intrusion detection system (IDS) is to log attempts at unauthorized network access into the systems. There are two basic types of IDS: host-based (HIDS) and network-based (NIDS). A host-based system is installed on each and every host to be monitored. A network-based IDS monitors the network traffic and is not directly affected by which OS types are installed; the OS mix matters only in deciding which rule sets to deploy. The IDS log files, along with system log files, go a long way toward implementing another principle: "Prevention is ideal, but detection is a must." But what good is detection if the data is buried deep within the IDS log files? This analysis concentrates on several ways of getting the log file information out of an open source IDS called Snort. The tool explored for that purpose is SnortSnarf.
25 Jul 2001
