How to Cheat at Configuring Open Source Security Tools
Elsevier, Apr 18, 2011 - Computers - 528 pages
The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.
* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, and monitor to know if they’re being exceeded and watch for unauthorized traffic on your network.
What people are saying - Write a review
We haven't found any reviews in the usual places.
Other editions - View all
Administrator alerts allows application attacks button bytes capture file checkbox client command command-line configuration file connection create database decode default desktop devices dialog box disk display filter DOCSIS Edit enable encryption example Fedora Core filter string graph host ICMP Installing Wireshark interface Internet intrusion detection IP address iptables libpcap Linux MAC address Menu Microsoft monitoring MRTG MySQL Nessus netfilter NetStumbler network traffic Nmap OpenBSD OpenVPN operating system options output package packet password perform plug-ins port preprocessor pressing Enter Protocol Tree window remote right-click rules scan screen SELinux server shown in Figure sniffer SNMP Snort sensor specify Summary window switch syslog TCPDump troubleshooting UltraVNC update Windows Firewall WinPCap wireless network Wireshark