Solved

Snort Based IDS Config

Posted on 2014-01-20
1
392 Views
Last Modified: 2014-01-21
I'm looking for tutorial to teach step-by-step, how to configure a snort based NIDS. A video would most helpful but any book will do as well.
0
Comment
Question by:SydNal2009
1 Comment
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39796827
Better means is to get hand dirty and hopefully it get some kickstart. I believe the other experienced experts in snort can share more tips and experience too...the tough part is not the setup or installation but to really get it fit for your deployment needs and environment right at first will not be a bed of roses....Security onion is definitely a good start to learn it

snort official
(know it as fundamental though hardest to ingest at first. but it is reference not to neglect and fallback) http://www.snort.org/docs
(join in the community as learning curve to shorten - ask question. there is webcast to help bridge knowledge and know how sharing)
http://www.snort.org/community
http://www.snort.org/community/snort-webcast-series/

Tutorial  (rather old but still stands)
http://openmaniak.com/snort_tutorial_snort.php
http://www.thegeekstuff.com/2010/08/snort-tutorial/

On Security Onion
(the screenshot walkthrough is useful)
http://ptcoresec.eu/2013/02/14/tutorial-how-to-install-and-use-security-onion-pt-1/

Videos
(Irongeek.com has a ton of videos and security how to)
http://www.irongeek.com/i.php?page=videos/basic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger
(This is quick snapshot but good to give you a flavour)
http://searchsecurity.techtarget.com/video/Security-Onion-tutorial-Analyze-network-traffic-using-Security-Onion
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Read about achieving the basic levels of HRIS security in the workplace.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question