September 2024
Beginner
256 pages
6h 24m
English
In the previous chapters, we learned about the different modules of Snort 3 IDS/IPS, which essentially performs in-depth analysis of network traffic in order to detect malicious behavior and exploit attempts. Toward this goal, the users would maintain a set of IDS/IPS signatures that work in conjunction with Snort modules to detect and stop bad traffic.
In this chapter, we have a different use case that is practically useful. Network administrators and/or policymakers of organizations often like to limit and/or control the use of certain applications within the environment. For example, the network admin or controller may want to limit access (block access) to iTunes traffic. Note that this is not a security problem; rather, it ...