How to Cheat at Configuring Open Source Security Tools

How to Cheat at Configuring Open Source Security Tools on ScienceDirect(Opens new window)
Paperback, 528 Pages
Published: MAY-2007
ISBN 10: 1-59749-170-5
ISBN 13: 978-1-59749-170-9
Imprint: SYNGRESS


By
Michael Gregg, President, Superior Solutions, Inc.
Eric Seagren, Eric Seagren, CISSP, CISA, ISSAP, JPMorganChase
Angela Orebaugh, Washington, D.C. Senior Scientist in the Advanced Technology Research Center, Sytex, Inc., Washington, DC, USA
Matt Jonkman, Founder, Bleeding Edge Threats (www.bleedingedgethreats.net)
Raffael Marty, (GCIA, CISSP) Manager of ArcSight's Strategic Application Solution Team

Description
The Perfect Reference for the Multitasked SysAdmin This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter. * Take Inventory See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate. * Use Nmap Learn how Nmap has more features and options than any other free scanner. * Implement Firewalls Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable. * Perform Basic Hardening Put an IT security policy in place so that you have a concrete set of standards against which to measure. * Install and Configure Snort and Wireshark Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations. * Explore Snort Add-Ons Use tools like Oinkmaster to automatically keep Snort signature files current. * Troubleshoot Network Problems See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP. * Learn Defensive Monitoring Considerations See how to define your wireless network boundaries, and monitor to know if they’re being exceeded and watch for unauthorized traffic on your network.

Audience:
System administrators and security professionals


 
Last update: 6 Nov 2011