SEARCH RESULTS
 
Showing 1-10 of 15 records
 
Snort Report 14 Posted

2008-04-12 01:12:00 by Richard Bejtlich in TaoSecurity
...Snort Report titled Network session data analysis with Snort and Argus. The article doesn't talk about Snort (despite the title -- not mine!) but it does discuss Argus, the network session tool developed by Carter Bullard. From the start of the article: This edition of the Snort Report departs from the standard format by introducing a data...
 
 
 
 
 
Snort Report 13 Posted

2008-02-14 22:05:00 by Richard Bejtlich in TaoSecurity
...Snort Report titled How to use shared object rules in Snort is posted. From the start of the article: Shared object (SO) rules were introduced in Snort 2.6.0 in early 2006 to provide a means to obscure the exact detection mechanism used in the rule and allow for more flexible detection criteria. However, for the most part, organizations have...
 
 
 
 
 
Justifying Snort

2008-05-12 15:12:01 by Richard Bejtlich in WhatIs: Enterprise IT tips and expert advice
 
Intrusion detection systems like Snort can be invaluable to your customers and their networks. Learn how to justify Snort to your customers by highlighting its capabilities
 
 
 
 
 
Snort Frequently Asked Questions Podcast Posted

2008-01-17 11:30:00 by Richard Bejtlich in TaoSecurity
...Snort operators. You should be able to reach the podcast via this link. Note that when I recorded the podcast we didn't know that Emerging Threats would be replacing Bleeding Threats. Copyright 2003-2008 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com
 
 
 
 
 
Report Card: 2007 Incite #3 - Perimeter (R)Evolution

2007-12-24 06:53:30 by Mike Rothman in Mike Rothman's blog
 
...Snort, OpenVPN, Spam Assassin, et al, are robust and mature. There are a bunch of companies (Astaro, Untangle, StillSecure/Cobia) that build wrappers around these technologies to make it easier for customers to implement. Sure these vendors do a little more than package the open-source distribution but the reality is the existing perimeter...
 
 
 
 
 
The Daily Incite - February 25, 2008

2008-02-25 09:38:18 by Mike Rothman in Mike Rothman's blog
...Snort. He just thought it was a crappy deal on fundamental terms, which gets back to Richard's long standing disdain of anything IDS. Given FIRE's two blown quarters right out of the gate, he's not wrong. 3Com's deal falling apart is different. It's largely because of Huawei, but in reality Bain could easily have written a check for the...
 
 
 
 
 
Best. Quote. Ever.

2008-03-04 02:24:00 by Richard Bejtlich in TaoSecurity
...Snort Report
 
 
 
 
 
Common Interface to Packets

2008-03-07 11:26:00 by Richard Bejtlich in TaoSecurity
...Snort listens to generate alerts, SANCP listens to create session records, Daemonlogger listens to log full content data, PADS listens to generate host records, and so on Second, one could buy a fairly open packet capture box and create virtual interfaces which provide a traffic stream to applications. Options which come to mind include...
 
 
 
 
 
Matt Jonkman and Endace on Accelerating Snort

2008-03-08 11:24:00 by Richard Bejtlich in TaoSecurity
If you missed it last month, you can watch Matt Jonkman's Faster Snorting Webinar at the Endace Web site. Matt posted answers to various questions posed by readers and you can download his slides or whitepapers if interested
 
 
 
 
 
OpenPacket.org 1.0 Is Live

2008-04-04 18:06:00 by Richard Bejtlich in TaoSecurity
...Snort, Ethereal, and so on Analysts who collect their own traffic will be able to submit it to the OpenPacket.org database after they register Anonymous users can download any trace that's published. Only registered users can upload. This system provides a level of accountability for trace uploads Our moderators will review the trace to...