Snort configuration -- Conclusion

This segment wraps up the Snort configuration tip.

In the next Snort Report we will see what sorts of activity Snort might detect given this limited configuration. In the Snort Report that follows we will explore Snort's new dynamic preprocessors (FTP, TELNET, SMTP, SSH, DCE-RPC and DNS) by adding them to the configuration file.

Snort: Understanding the configuration file

Introduction: Upgrade to Snort 2.6.1.2
The snort.conf file
Defining IP ranges of interest
Defining ports of interest
Core preprocessors
Non-dynamic preprocessors
Conclusion

About the author
Richard Bejtlich is founder of TaoSecurity, author of several books on network security monitoring, including Extrusion Detection: Security Monitoring for Internal Intrusions, and operator of the TaoSecurity blog.

This was last published in January 2007

Dig Deeper on Managed network services technology

All
News
Get Started
Evaluate
Manage
Problem Solve

MicroscopeUK

Thales the latest to flag digital transformation security opportunity

The firm has added to a growing number of examples of growing security risks surrounding digital transformation projects

Printer hardware sales suffer Q1 dip

The industry always suffers a slow start to the year and 2019 has been no different according to analysis from Context

Channel roundup: Who's gone where?

Another week and there has been plenty of personnel movement across the channel with some senior channel appointments being made

SearchSecurity

2019's top email security best practices for employees

Attackers exploit email every day to break into your network, but you can reduce risk for everyone by promoting these email ...

IT pros stress importance of security awareness training

End-user naiveté can lead to costly data breaches, underscoring the critical importance of security awareness training. Learn how...

What makes BSA's secure software development framework unique?

BSA rolled out a new secure software development framework in an effort to promote best practices for secure software development...

SearchStorage

Red Hat storage shifts focus to OpenShift, hybrid cloud, HCI

Red Hat changes focus from selling stand-alone Ceph and Gluster products to promoting storage technologies designed for OpenShift...

7 must-have features for multi-cloud storage optimization

When evaluating cloud platforms for a multi-cloud storage strategy, look for what they offer in terms of integration, networking ...

IBM-Red Hat deal raises no storage red flags yet

Storage practitioners say they expect Red Hat's 'new overlords' at IBM to tread lightly on Red Hat storage, despite potential ...

SearchNetworking

Customers get a peek at future Extreme Networks products

Extreme Connect attendees got a peek at the company's product roadmap. Upcoming Extreme Networks products include an IoT device ...

Marconi Mainnet launched for building, scaling complex networks

The Marconi Mainnet platform provides blockchain security, multi-cloud connectivity, advanced firewalls and secure gateways for ...

Key factors to consider before evaluating campus edge switches

Before buying a campus edge switch, it's important to understand how technologies such as IoT could affect campus traffic and how...

SearchCloudComputing

Multi-cloud management tools fall short of expectations

Multi-cloud presents new management issues for enterprises. Users want better visibility and control of multiple clouds, but ...

Microsoft hands developer advocates keys to the kingdom

Microsoft views developers as key to not only maintaining its customer base, but expanding it through interaction with open ...

Poor hybrid data placement can swell cloud costs

Enterprises that rely on public clouds are no stranger to egress traffic charges, but those costs can skyrocket when it comes to ...

SearchDataManagement

Inside view of Tibco integration architecture planning

Tibco's acquisitions of well-regarded, small software specialists such as SnappyData are part of a drive toward what it calls '...

Lumina launches Radiance, a data risk management platform

In an effort to prevent data loss, Lumina launched Radiance, a SaaS data risk management platform. It collects and analyzes data ...

Advice on enterprise data cleansing from an SAP VP

SAP's Kristin McMahon details data cleansing best practices and explains why a good data cleanse needs continual communication, ...

SearchBusinessAnalytics

McDonald's orders up customer service analytics, shakes up fast food

The fast-food giant announced last month that it is acquiring Dynamic Yield, a big data platform, in pursuit of a more ...

Sisense acquisition of Periscope yields versatile BI platform

The Sisense merger with Periscope Data is expected to create a new, combined BI product that will cater to casual business users ...

Qlik multi-cloud, Kubernetes options drive cloud-first vision

Qlik advances its plan to be a cloud- and SaaS-first analytics vendor with new multi-cloud and Kubernetes deployment options. But...

Related Resources

Dig Deeper on Managed network services technology

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.