Snort configuration -- Conclusion

This segment wraps up the Snort configuration tip.

Published: 25 Jan 2007

In the next Snort Report we will see what sorts of activity Snort might detect given this limited configuration. In the Snort Report that follows we will explore Snort's new dynamic preprocessors (FTP, TELNET, SMTP, SSH, DCE-RPC and DNS) by adding them to the configuration file.

Snort: Understanding the configuration file

Introduction: Upgrade to Snort 2.6.1.2
The snort.conf file
Defining IP ranges of interest
Defining ports of interest
Core preprocessors
Non-dynamic preprocessors
Conclusion

About the author
Richard Bejtlich is founder of TaoSecurity, author of several books on network security monitoring, including Extrusion Detection: Security Monitoring for Internal Intrusions, and operator of the TaoSecurity blog.

Dig Deeper on Managed network services technology

MicroscopeUK

Ransomware has MSPs in its sights

Peter Geytenbeek, senior manager of channels EMEA at Thycotic, shares a warning about the need for managed service providers to ...

CrowdStrike backing top partners

Security player will deepen investment in its top-level partners as it looks to reward those who have invested in the firm

Commvault’s channel chief outlines a busy year ahead

Recently appointed John Tavares has plans to reach out to MSPs, get more partners involved with SaaS and has a partner programme ...

SearchSecurity

What is the future of cybersecurity?

Remote work is here to stay, so it's time to rethink the short-term fixes made in 2020. What else is in the cards? Here are the ...

Tenable: Vulnerability disclosures skyrocketed over last 5 years

New research from Tenable shows a dramatic increase in vulnerability disclosures since 2015, as well as concerning data about ...

Select a customer IAM architecture to boost business, security

Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your ...

SearchStorage

Calculate HPC storage costs based on these 8 factors

IT teams that want an accurate estimate of HPC storage costs must account not only for the technology itself, but for staffing, ...

Enterprise data storage 2020 Products of the Year finalists

The field of entrants in our 19th annual Products of the Year contest has been reduced to 47 contenders vying for gold, silver ...

Services, cloud dominated data storage news in 2020

Storage as a service, hybrid cloud, Kubernetes storage, economic fallout from COVID-19, and backup mergers and acquisitions ...

SearchNetworking

Cisco sweetens Acacia deal by $2 billion

Cisco has agreed to pay $4.5 billion for Acacia, $2 billion more than the initial agreement in 2019. Cisco wants Acacia's optical...

SASE challenges include network security roles, product choice

Secure Access Service Edge blends network and security functions. While this integration has its benefits, enterprises still need...

Refreshing look at Wi-Fi 6 benefits, preparations

Wi-Fi 6's benefits are real, and most organizations will eventually upgrade to the latest and greatest standard. When and how ...

SearchCloudComputing

COVID-19 and remote work shift cloud predictions for 2021

If we learned anything from 2020, it's to expect the unexpected. Yet that doesn't stop analysts from trying to predict what's to ...

Cloud providers jockey for 2021 market share

AWS and Microsoft still dominate the cloud market, but Google, IBM and Oracle aren't without merit. Learn where each provider ...

How to build a cloud center of excellence

Learn how to create an effective cloud center of excellence for your company with these steps and best practices.

SearchDataManagement

Informatica takes Customer 360 master data management to cloud

Updated MDM service benefits from integrations with the broader cloud-native Informatica platform that is built on top of a ...

Graph database vs. relational database: Key differences

Relational databases and graph databases both focus on the relationships between data but not in the same ways. Here are some key...

ScyllaDB NoSQL database to improve with Project Circe

ScyllaDB Project Circe sets out to help improve consistency, elasticity and performance for the open source NoSQL database.

SearchBusinessAnalytics

Data storytelling a key part of Yellowfin analytics platform

Data storytelling remains a focal point for Yellowfin. Stories, the vendor's narrative generation tool, features heavily in both ...

Assent Compliance automates text analytics with AWS

With more than 20,000 documents to review each month, Assent Compliance, a supply chain data management vendor, turned to AWS to ...

Tibco acquisitions add capabilities to analytics platform

The recent completion of Tibco's acquisition of IBI has the potential to benefit customers of both given the complementary ...