IPS and IDS



  1. IPS AND IDS
  2. SNORT
     - A free and open source intrusion prevention system and intrusion detection system
     - Snort IPS and IDS has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks
     - Can be used to detect probes or attacks, like OS fingerprint attempts, buffer overflows, and stealth port scans
     - Can be configured in three modes: sniffer, packet logger, and network intrusion detection.
  3. INSTALLING SNORT
     - For Windows, you have to prepare your computer by installing WinPcap and Barnyard
     - Download Snort
     - Download Rules
     - Configure Rules
  4. WINPCAP
  5. BARNYARD
  6. RULES
  8. ONLINE SERVICE ANALYZERS
     - Malwr
     - VirusTotal
     - Anubis
     - Wepawet
  10. WEPAWET
  11. DISCUSSION
      It was great exploring these online services to analyze files and URLs for virus and malware. I had a problem getting Anubis to work. I used Wepawet to analyze facebook.com, it came back clean. I used VirusTotal to analyze http://aladel.net/ and it came back with a lot of malware. I truly enjoy these exercises. I learn so much about the kind of tools that are out there to try to keep my network safe.