An example of communication between security tools: iptables - snort
ACM SIGOPS Operating Systems Review
Architectural impact of stateful networking applications
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Detecting intruders on a campus network: might the threat be coming from within?
Proceedings of the 33rd annual ACM SIGUCCS conference on User services
The impact of traffic aggregation on the memory performance of networking applications
MEDEA '04 Proceedings of the 2004 workshop on MEmory performance: DEaling with Applications, systems and architecture
Using VMM-based sensors to monitor honeypots
Proceedings of the 2nd international conference on Virtual execution environments
RAAS: a reliable analyzer and archiver for snort intrusion detection system
Proceedings of the 2007 ACM symposium on Applied computing
Design and implementation of an isolated sandbox with mimetic internet used to analyze malwares
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
The impact of traffic aggregation on the memory performance of networking applications
Journal of Embedded Computing - Embedded Processors and Systems: Architectural Issues and Solutions for Emerging Applications
Hierarchical multi-pattern matching algorithm for network content inspection
Information Sciences: an International Journal
Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
A Semi-Autonomic Framework for Intrusion Tolerance in Heterogeneous Networks
IWSOS '08 Proceedings of the 3rd International Workshop on Self-Organizing Systems
Session management architecture for implementing an FPGA-based stateful intrusion detection system
ACS'08 Proceedings of the 8th conference on Applied computer science
String Kernel Based SVM for Internet Security Implementation
ICONIP '09 Proceedings of the 16th International Conference on Neural Information Processing: Part II
Design issues of an isolated sandbox used to analyze malwares
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Workload characterization of stateful networking applications
ISHPC'05/ALPS'06 Proceedings of the 6th international symposium on high-performance computing and 1st international conference on Advanced low power systems
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
An effective method for analyzing intrusion situation through IP-Based classification
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Biomonitoring, phylogenetics and anomaly aggregation systems
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Rule indexing for efficient intrusion detection systems
WISA'11 Proceedings of the 12th international conference on Information Security Applications
Automatically building datasets of labeled IP traffic traces: A self-training approach
Applied Soft Computing
High performance session state management scheme for stateful packet inspection
APNOMS'07 Proceedings of the 10th Asia-Pacific conference on Network Operations and Management Symposium: managing next generation networks and services
From the Publisher: The incredible low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments. Complete with a free CD containing Snort 2.0 plus popular plug-ins including ACID, Barnyard, and Swatch, Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is written by a member of Snort.org. Readers will receive valuable insight to the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios.

Explore Snort's Features: Master the three core features that make Snort so powerful: packet sniffing, packet logging, and intrusion detection.
Install Snort: Find instructions on installing Snort for both Linux and Microsoft Windows.
Understand Rule Action Options: Determine which of the five options is best for you: pass, log, alert, dynamic, or activate.
Master stream4 and frag2 Preprocessors: Enhance Snort's original rule-based pattern-matching model with stream4 and frag2.
Configure Unified Logs: Use unified logs to significantly increase the efficiency of the Snort sensor and free up your Snort engine.
Manage Output Plug-Ins: Install, configure, and use Swatch, ACID, SnortSnarf, IDSCenter, and other plug-ins to monitor log files.
Watch for Rule Updates: Use oinkmaster, a semi-automated tool, to download and compare new rulesets with old ones.
Decide Which Rules to Enable: Identify key protocols and services that are used on your network and determine the level of granularity required for your evidentiary logs.
Install and Configure Barnyard: Run Barnyard in one of three modes of operation: one-shot mode, continual mode, or continual with checkpoint mode.
Register for Your 1 Year Upgrade: The Syngress Solutions upgrade plan protects you from content obsolescence and provides monthly mailings, whitepapers, and more!