How to Cheat at Configuring Open Source Security Tools

Book description

The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if network security tools are not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.

* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to report on bandwidth usage and other metrics and how to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, monitor to know if they’re being exceeded, and watch for unauthorized traffic on your network.
  • Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet
  • Follows Syngress' proven "How to Cheat" pedagogy providing readers with everything they need and nothing they don't

Table of contents

  1. Front Cover
  2. How to Cheat at Configuring: Open Source Security Tools
  3. Copyright Page
  4. Contents (1/2)
  5. Contents (2/2)
  6. Chapter 1. Testing and Auditing Your Systems
    1. Introduction
    2. Taking Inventory
    3. Vulnerability Scanning (1/3)
    4. Vulnerability Scanning (2/3)
    5. Vulnerability Scanning (3/3)
    6. OSSTMM
    7. Summary
    8. Solutions Fast Track
    9. Frequently Asked Questions
  7. Chapter 2. Protecting Your Perimeter
    1. Introduction
    2. Firewall Types
    3. Firewall Architectures
    4. Implementing Firewalls (1/8)
    5. Implementing Firewalls (2/8)
    6. Implementing Firewalls (3/8)
    7. Implementing Firewalls (4/8)
    8. Implementing Firewalls (5/8)
    9. Implementing Firewalls (6/8)
    10. Implementing Firewalls (7/8)
    11. Implementing Firewalls (8/8)
    12. Providing Secure Remote Access (1/7)
    13. Providing Secure Remote Access (2/7)
    14. Providing Secure Remote Access (3/7)
    15. Providing Secure Remote Access (4/7)
    16. Providing Secure Remote Access (5/7)
    17. Providing Secure Remote Access (6/7)
    18. Providing Secure Remote Access (7/7)
    19. Summary
    20. Solutions Fast Track
    21. Frequently Asked Questions
  8. Chapter 3. Protecting Network Resources
    1. Introduction
    2. Performing Basic Hardening
    3. Hardening Windows Systems (1/4)
    4. Hardening Windows Systems (2/4)
    5. Hardening Windows Systems (3/4)
    6. Hardening Windows Systems (4/4)
    7. Hardening Linux Systems (1/2)
    8. Hardening Linux Systems (2/2)
    9. Hardening Infrastructure Devices
    10. Patching Systems
    11. Personal Firewalls (1/2)
    12. Personal Firewalls (2/2)
    13. Providing Antivirus and Antispyware Protection (1/2)
    14. Providing Antivirus and Antispyware Protection (2/2)
    15. Encrypting Sensitive Data (1/2)
    16. Encrypting Sensitive Data (2/2)
    17. Summary
    18. Solutions Fast Track
    19. Frequently Asked Questions
  9. Chapter 4. Introducing Snort
    1. Introduction
    2. How an IDS Works
    3. Where Snort Fits
    4. Snort System Requirements
    5. Exploring Snort's Features (1/2)
    6. Exploring Snort's Features (2/2)
    7. Using Snort on Your Network (1/3)
    8. Using Snort on Your Network (2/3)
    9. Using Snort on Your Network (3/3)
    10. Security Considerations with Snort
    11. Summary
    12. Solutions Fast Track
    13. Frequently Asked Questions
  10. Chapter 5. Installing Snort 2.6
    1. Introduction
    2. Choosing the Right OS
    3. Hardware Platform Considerations
    4. Installing Snort (1/2)
    5. Installing Snort (2/2)
    6. Configuring Snort (1/3)
    7. Configuring Snort (2/3)
    8. Configuring Snort (3/3)
    9. Testing Snort
    10. Maintaining Snort
    11. Updating Snort
    12. Summary
    13. Solutions Fast Track
    14. Frequently Asked Questions
  11. Chapter 6. Configuring Snort and Add-Ons
    1. Placing Your NIDS
    2. Configuring Snort on a Windows System (1/3)
    3. Configuring Snort on a Windows System (2/3)
    4. Configuring Snort on a Windows System (3/3)
    5. Configuring Snort on a Linux System (1/3)
    6. Configuring Snort on a Linux System (2/3)
    7. Configuring Snort on a Linux System (3/3)
    8. Demonstrating Effectiveness
    9. Summary
    10. Solutions Fast Track
    11. Frequently Asked Questions
  12. Chapter 7. Introducing Wireshark: Network Protocol Analyzer
    1. Introduction
    2. What is Wireshark?
    3. Supporting Programs
    4. Using Wireshark in Your Network Architecture
    5. Using Wireshark for Network Troubleshooting
    6. Using Wireshark for System Administration
    7. Securing Ethereal
    8. Optimizing Wireshark
    9. Advanced Sniffing Techniques
    10. Securing Your Network from Sniffers
    11. Employing Detection Techniques
    12. Summary
    13. Solutions Fast Track
    14. Frequently Asked Questions
  13. Chapter 8. Getting and Installing Wireshark
    1. Introduction
    2. Getting Wireshark
    3. Packet Capture Drivers (1/2)
    4. Packet Capture Drivers (2/2)
    5. Installing Wireshark on Windows
    6. Installing Wireshark on Linux
    7. Installing Wireshark on Mac OSX (1/2)
    8. Installing Wireshark on Mac OSX (2/2)
    9. Installing Wireshark from Source
    10. Summary
    11. Solutions Fast Track
    12. Frequently Asked Questions
  14. Chapter 9. Using Wireshark
    1. Introduction
    2. Getting Started with Wireshark
    3. Exploring the Main Window (1/2)
    4. Exploring the Main Window (2/2)
    5. Other Window Components
    6. Exploring the Menus (1/3)
    7. Exploring the Menus (2/3)
    8. Exploring the Menus (3/3)
    9. View (1/2)
    10. View (2/2)
    11. Go
    12. Capture (1/2)
    13. Capture (2/2)
    14. Analyze (1/2)
    15. Analyze (2/2)
    16. Statistics (1/3)
    17. Statistics (2/3)
    18. Statistics (3/3)
    19. Help
    20. Pop-up Menus
    21. Using Command-line Options
    22. Summary
    23. Solutions Fast Track
    24. Frequently Asked Questions
  15. Chapter 10. Network Reporting and Troubleshooting with other Tools
    1. Introduction
    2. Reporting on Bandwidth Usage and Other Metrics
    3. Collecting Data for Analysis
    4. Understanding SNMP (1/5)
    5. Understanding SNMP (2/5)
    6. Understanding SNMP (3/5)
    7. Understanding SNMP (4/5)
    8. Understanding SNMP (5/5)
    9. Troubleshooting Network Problems from the Command Line
    10. Additional Troubleshooting Tools
    11. Summary
    12. Solutions Fast Track
    13. Frequently Asked Questions
  16. Chapter 11. Wireless Monitoring and Intrusion Detection
    1. Introduction
    2. Designing for Detection
    3. Defensive Monitoring Considerations
    4. Intrusion Detection Strategies (1/2)
    5. Intrusion Detection Strategies (2/2)
    6. Conducting Vulnerability Assessments
    7. Incident Response and Handling
    8. Conducting Site Surveys for Rogue Access Points
    9. Summary
    10. Solutions Fast Track
    11. Frequently Asked Questions
  17. Index (1/2)
  18. Index (2/2)

Product information

  • Title: How to Cheat at Configuring Open Source Security Tools
  • Author(s): Michael Gregg, Eric Seagren, Angela Orebaugh, Matt Jonkman, Raffael Marty
  • Release date: April 2011
  • Publisher(s): Syngress
  • ISBN: 9780080553566