Snort Report 2 Posted

My second Snort Report has been posted. In this edition I talk about upgrading from an older version to 2.6.1.2, and then I begin discussing the snort.conf file.

I recommend reading the first Snort Report so you can follow along with my methodology. In the third article (to be posted next month) I describe the sorts of activity you can detect without using Snort rules or dynamic preprocessors. The idea behind this series of articles is to develop an intuitive understanding of Snort's capabilities, starting with the basics and becoming more complicated.

Comments

Anonymous said…
Hi Richard, I want to ask you a question about pen testing. Which live Linux CD do you prefer for pen testing? Pentoo, BackTrack, or another distribution? What is the best?

Hi anonymous,

I don't do pen testing regularly, so I don't have an opinion. :)
