Irregular Expressions:

snort


January 31, 2011  3:15 PM

Building a snort sensor – part 2



Posted by: Dan O'Connor
configure snort, ids, snort

Now with Snort installed, we need to do configuration and get some rules. cd /usr/local/etc/snort/ Make sure to set up your HOME_NET and configure any additional paths for your rule sets. Go to snort.org and create an account, then get an oinkcode. Now you can use the command line to...

January 30, 2011  11:02 PM

Building a snort sensor – part 1



Posted by: Dan O'Connor
ids, snort

I have already covered Suricata in my previous posts, but sometimes you just need to have Snort set up for various reasons. First go get FreeBSD http://www.freebsd.org/ , then use the FreeBSD handbook (if you need to) and create a basic installation. I...


October 19, 2010  10:10 PM

Professional IDS rules



Posted by: Dan O'Connor
ids rules, snort, suricata

Exciting news, there is a new professional feed available for your Suricata and Snort install. http://www.emergingthreatspro.com/ They are planning to support more platforms beyond Snort and Suricata, with full-time research and daily updates. I can't wait to see what other engines they...


April 27, 2010  11:11 PM

Snort updated



Posted by: Dan O'Connor
snort

Snort was updated on the 26th, http://www.snort.org/downloads . Here is the list of new additions and improvements from the update.

2010-04-22 - Snort 2.8.6

[*] New Additions
   * HTTP Inspect now splits requests into 5 components -
     Method, URI, Header (non-cookie), Cookies,...


February 9, 2010  8:24 AM

Next generation IDS/IPS engine



Posted by: Dan O'Connor
ids, ips, oisf, snort, suricata, vrt

Suricata http://www.openinfosecfoundation.org I have been following this since there was first talk of creating a new engine.  They have released version 0.80. The engine is to load the current Snort rule sets and VRT rule sets out of the box! Once I complete my exam this week I will...

