Our Snort Report tip series helps value-added resellers and systems integrators troubleshoot and configure the open source intrusion detection system on clients' networks. Check out our five most popular tips from expert Richard Bejtlich, ranging from setting up the IDS to upgrading it.

TIP #1-----------------------------------------------------------------------

    Requires Free Membership to View

Snort IDS installation basics and tips for security resellers
Snort can be immensely helpful with the prevention of intrusions on your clients' networks. Learn how to install the intrusion detection system and utilize it to its fullest capacity.

TIP #2-----------------------------------------------------------------------

Snort IDS upgrade and tips on the Snort.conf file
Check out this tip for details on the Snort 2.6.1.2 upgrade and snort.conf file functions enabled by default, such as IP ranges, ports of interest and preprocessors.

TIP #3-----------------------------------------------------------------------

Snort Report
Read the rest of the Snort Report tips from Richard Bejtlich

Output options for Snort data
Without output options, VARs can't produce Snort data in a meaningful manner. Learn the capabilities and limitations of different features.

TIP #4-----------------------------------------------------------------------

How to test Snort
As a value-added reseller or service provider, you may need to test Snort to ensure that the open source IDS is detecting malicious activity on your client's network or to determine how the custom rule you wrote will impact Snort's performance. Learn the best practices for testing Snort.

TIP #5-----------------------------------------------------------------------

Snort IDS rules
Familiarize yourself with Snort IDS rules best practices in this edition of Snort Report, which includes a discussion on Sourcefire and Bleeding Edge Threats (BET) rules.


This was first published in November 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: