Securing the infrastructure using IDS
0 likes303 views
The document discusses network security and monitoring tools. It outlines major security threats like viruses, worms, and password attacks. It emphasizes the importance of intrusion detection systems (IDS) to complement antiviruses and firewalls. The document then describes several open source IDS tools like Snort, Squil, Wireshark, and OSSEC. It provides an overview of the Security Onion Linux distribution for network security monitoring and log management, explaining how it can help analysts detect intrusions and compromised computers.
Securing the infrastructure using IDS
- 2. 4/17/20142014/4/17 Security Overview! What is Security Major threat to Security Importance of having IDS inside security Tools used in IDS Security Onion - an Overview Practical Scenarios with Security Onion Conclusion
- 4. 4/17/20142014/4/17 THREATS Viruses Virus back doors Password Attacks Sniffers Worms Penetrations DOS Malicious Websites
- 5. 4/17/20142014/4/17 Need For IDS Antivirus vs Firewall vs IDS
- 6. 4/17/20142014/4/17 Tools Used in IDS • Snort now Snorby • Squil • Sqert • ElSA • Wireshark • BRO • OSSEC • Last but not least - "Nmap"
- 7. 4/17/20142014/4/17 Security Onion Security Onion is a FREE Linux distro for Network Security Monitoring (NSM) Security Onion is primarily for: intrusion detection network security monitoring log management Security onion How it helps analyst: • Was an EXE downloaded? • Was it executed? • Was the computer compromised?