4. Lifecycle of a Vulnerability

This chapter walks you through the process of providing Intrusion Detection System (IDS) coverage for a security vulnerability from start to finish, using practical examples and highlighting popular and useful open source tools. After the process is introduced, this chapter focuses on how to write Snort signatures for more complex vulnerabilities by using features such as flowbits, Perl-Compatible Regular Expressions (PCRE), and the relatively new shared object rules, which allow Snort to leverage all the power of the C programming language.

A Vulnerability Is Born

The vast majority of new software vulnerabilities are announced on public forums, such as the SecurityFocus Bugtraq mailing list (www.securityfocus.com/archive/1 ...

Get Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century now with the O’Reilly learning platform.