Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: New to Snort !!!

from [Doug . Janelle] Network Security [Permanent Link]
Subject: Re: New to Snort !!!
Date: Wed, 1 Jun 2005 12:12:07 -0400 


Justin.Ross wrote:


my advice would be to place [the IDS] inside your
edge device, or behind your firewall. You won't see
external attacks to your firewall, but you will see
how/what attacks are coming through your edge and
into your "trusted" network,


I couldn't agree more, Justin. There's really not a whole
lot one can do about all the miscreants banging on the
door, so inundating your analysts with huge amounts of
data on attacks they can't do anything about only dulls
thier senses and dilutes the value of the data. Moving the
sensor inside improves the signal-to-noise dramatically.
You get the most value from knowing who got past your first
line of defence, and who's trying to get back out.

dcj2



--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: IDS\IPS that can handle one Gig, Andrew Plato
Next by Date:  RE: IDS\IPS that can handle one Gig, Palmer, Paul (ISSAtlanta)
Previous by Thread:  Re: New to Snort !!!, Justin . Ross
Next by Thread:  Re: IDS\IPS that can handle one Gig, Per Engelbrecht
Indexes:  [Date] [Thread] [Top] [All Lists]