A Practical Guide to Running SNORT on Red Hat Linux 7.2 and Management Using IDS Policy Manager MySQL
- Abstract
- Firewalls and virus protection software add layers of security, but in most cases this is not enough. SNORT, a free NIDS (Network Intrusion Detection System), adds another layer to your security blanket. To give you a better picture of what I mean by this, I will quote Wes Simonds of Search Networking: "If a firewall is the initial gate, Snort is the highly-trained Doberman pack that roams the company grounds pawing at intruders, sniffing at their packets in a deceptively unobtrusive manner and occasionally when things are manifestly uncool biting them gently in half." SNORT watches and analyzes your network traffic and alerts you when there are possible hacking attempts against your computer system(s). SNORT was originally written by Martin Roesch for *nix operating systems and, according to one study, can keep up with heavyweights such as Cisco and ISS (study done by the Gartner Group, http://www.gartner.com/DisplayTechOverview?id=320015). I will show you how to set up SNORT on Red Hat 7.2 and how to manage your sensor and view alerts from your Windows 2000 workstation.