You can get a bootable cd with all of these tools at
http://www.knoppix-std.org/.
Rich
-----Original Message-----
From: Gordon Schindell [mailto:gordons@...]
Sent: Friday, September 05, 2003 11:48 AM
To: 'vantage@yahoogroups.com'
Subject: RE: [Vantage] [OT] Using Snort for Intrusion Detection
Todd,
This is a bit of a commercial for having at least one Linux box on your
network to make use of all the free built-in security tools it provides:
Snort - sniffs traffic on your lan and flags anything suspicious.
Nessus - lists known vulnerabilities when run against target machines.
Nmap - port scanner. You really should run this against your own firewall
occasionally from outside the company. It shows which ports are open and
which services are answering. Believe me, others are using this on you!
All these will help to protect a primarily Windows environment.
(p.s. Use your powers only for good, never for evil!)
-----Original Message-----
From: Todd Caughey [mailto:caugheyt@...]
Sent: Friday, September 05, 2003 9:23 AM
To: vantage@yahoogroups.com
Subject: [Vantage] [OT] Using Snort for Intrusion Detection
Awhile back we had a security company do a free mini-audit and one of the
questions they asked was whther we used Snort for something similar for
intrusion detection (no). A while later I saw an article recommending using
Snort along with WinPcap and IDScenter and it included links for downloading
them (free). I ended up buying the recommended book "Snort 2.0 Intrusion
Detection" by Brian Caswell and it arrived yesterday. After skimming it I
am beginning to think this is way above my head (for now).
Is anyone else using Snort with IDScenter? Is there any potential harm to
installing it and trying it out? This is just a monitoring tool and it won't
shut down our Internet access, right? Any hints for configuring it? I am
becomming more concerned about trojans and unusual traffic through our
servers and would like to keep an eye on things.
Thanks,
-Todd Caughey
Harvey Vogel Mfg. Co.
[Non-text portions of this message have been removed]
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
http://www.knoppix-std.org/.
Rich
-----Original Message-----
From: Gordon Schindell [mailto:gordons@...]
Sent: Friday, September 05, 2003 11:48 AM
To: 'vantage@yahoogroups.com'
Subject: RE: [Vantage] [OT] Using Snort for Intrusion Detection
Todd,
This is a bit of a commercial for having at least one Linux box on your
network to make use of all the free built-in security tools it provides:
Snort - sniffs traffic on your lan and flags anything suspicious.
Nessus - lists known vulnerabilities when run against target machines.
Nmap - port scanner. You really should run this against your own firewall
occasionally from outside the company. It shows which ports are open and
which services are answering. Believe me, others are using this on you!
All these will help to protect a primarily Windows environment.
(p.s. Use your powers only for good, never for evil!)
-----Original Message-----
From: Todd Caughey [mailto:caugheyt@...]
Sent: Friday, September 05, 2003 9:23 AM
To: vantage@yahoogroups.com
Subject: [Vantage] [OT] Using Snort for Intrusion Detection
Awhile back we had a security company do a free mini-audit and one of the
questions they asked was whther we used Snort for something similar for
intrusion detection (no). A while later I saw an article recommending using
Snort along with WinPcap and IDScenter and it included links for downloading
them (free). I ended up buying the recommended book "Snort 2.0 Intrusion
Detection" by Brian Caswell and it arrived yesterday. After skimming it I
am beginning to think this is way above my head (for now).
Is anyone else using Snort with IDScenter? Is there any potential harm to
installing it and trying it out? This is just a monitoring tool and it won't
shut down our Internet access, right? Any hints for configuring it? I am
becomming more concerned about trojans and unusual traffic through our
servers and would like to keep an eye on things.
Thanks,
-Todd Caughey
Harvey Vogel Mfg. Co.
[Non-text portions of this message have been removed]
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/