Re: Need help/info
- From: Stephen Mullins <steve.mullins.work@xxxxxxxxx>
- Date: Tue, 26 May 2009 07:12:21 -0400
These are definitely great books. I recommend every shop I'm in keep
copies on the shelves as references and for Jr. Analysts or those that
don't come from a Network Security Monitoring background. Nowhere
else that I'm aware of really spells out what NSM is and how to do it
right like Bejtlich's Tao.
Steve Mullins
On Mon, May 25, 2009 at 2:27 PM, Richard Bejtlich <taosecurity@xxxxxxxxx> wrote:
On Wed, May 20, 2009 at 6:25 PM, ubernewbie <duppyconqueror33@xxxxxxxxx> wrote:
I work for a small company with a hub/spoke network. I've been tasked with
setting up an IDS(Snort) to begin monitoring security related events and
basically build out a security program/infrastructure. Do any of you have
any good sites/forums that go into the process of intrusion detection. I can
get the alerts from snort but there are so many that it it's hard to make
heads or tails. I'm looking for ideas on what to look for and what to pay
specific attention to. Also any good websites that alert/explain new
vulnerabilities would be great. Any help would be appreciated.
Hello,
If you're looking for a good book or two, my Tao and Extrusion books will help:
http://www.taosecurity.com/books.html
If you're looking for blogging on the subject, try my blog:
http://taosecurity.blogspot.com
I also wrote a series for TechTarget called Snort Report:
http://searchsecuritychannel.techtarget.com/tips/index/0,289482,sid97_tax307691,00.html
If you're looking for a good Wiki, try:
http://nsmwiki.org
If you're looking for the best suite for network security monitoring, try:
http://www.sguil.net
Good luck!
Richard
- References:
- Need help/info
- From: ubernewbie
- Re: Need help/info
- From: Richard Bejtlich
- Need help/info
- Prev by Date: Announcing Realeyes IDS 0.9.5
- Next by Date: Automatic generation and Analysis of NIDS Attacks
- Previous by thread: Re: Need help/info
- Next by thread: Re: Need help/info
- Index(es):
Relevant Pages
|
Loading
