3. SNORT
-A free and open source intrusion prevention system (IPS) and intrusion detection system (IDS)
-Snort can perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks
-Can be used to detect probes or attacks, like OS fingerprinting attempts, buffer overflows, and stealth port scans
-Can be configured in three modes: sniffer, packet logger, and network intrusion detection
4. INSTALLING SNORT
-For Windows, you have to prepare your computer by installing WinPcap and Barnyard
-Download Snort
-Download Rules
-Configure Rules
16. DISCUSSION
It was great exploring these online services to analyze files and URLs for viruses and malware. I had a problem getting Anubis to work. I used Wepawet to analyze facebook.com, and it came back clean. I used VirusTotal to analyze http://aladel.net/ and it came back with a lot of malware.
I truly enjoy these exercises. I learn so much about the kind of tools that are out there to try to keep my network safe.