Solved

urgent

Posted on 2007-11-18
4
206 Views
Last Modified: 2013-12-11
pls let me know how to create signatures for IDS , and same time what is rule for rule base and what important thing rule is searching in network which known as threats.
0
Comment
Question by:shridhar76
4 Comments
 
LVL 48

Expert Comment

by:Tintin
Comment Utility
Err, it would be extremely useful if you mentioned which IDS you are using and on which platform.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 500 total points
Comment Utility
With snort, and many others, you have to be able to identify unique data (payload) and or behavior.
http://www.snort.org/docs/snort_manual/node16.html
You will need TCPDump or Wireshark (aka ethereal)
-rich
0
 
LVL 1

Expert Comment

by:Computer101
Comment Utility
Forced accept.

Computer101
EE Admin
0

Featured Post

Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now