Understanding Intrusion Detection Systems

by Ric Messier

Publisher: Infinite Skills

Release Date: July 2016

ISBN: 9781491962701

Video Description

An outsider might be inside your network and ready to release attack traffic. A disgruntled employee might be inside your system and ready to delete files. You're a systems or network admin and it's your job to prevent these types of malicious events.

Where do you begin? A good start is knowing with some certainty that the attackers are even present and a good intrusion detection system will do just that. In this video, security expert Ric Messier explains why intrusion detection systems are necessary, what they do, how they work, where to find them, and how to implement them.

Understand intrusion detection: Its meaning, its value, and how to implement it
Master the workings of host-based and network-based intrusion detection systems
Learn about network captures, cryptographic hashes, alerting, incident response, and more
Gain awareness of anomaly based and signature based intrusion detection systems
Learn to use open source intrusion detection systems like Snort, Suricata, and Bro
Understand how to perform file integrity checks using Tripwire and Samhain
Review multiple forms of built-into-the-OS IDS systems

Ric Messier directs the Cybersecurity & Digital Forensics program at Champlain College in Burlington, VT. He runs the private security firm WasHere Consulting and is also a Senior Consultant with the security firm IP Architects, LLC. He is author of multiple O'Reilly security titles, including Professional Guide to Wireless Network Hacking and Penetration Testing, Introduction to Penetration Testing, and Mastering Python - Networking and Security.

Introduction
1. Welcome 00:02:06
2. What Will Be Covered 00:02:14
3. About The Author 00:01:05
Host-Based
1. Logs - Windows 00:03:34
2. Auditing - Windows 00:04:56
3. Logs - Linux 00:04:00
4. Auditing - Linux 00:04:33
5. Cryptographic Hashes 00:04:30
6. File Settings 00:03:42
7. Tripwire Configuration 00:04:16
8. Tripwire Operation 00:04:56
9. OSSEC 00:03:21
10. OSSEC Installation 00:03:06
11. OSSEC Operation 00:03:15
12. Samhain Configuration 00:03:45
13. Samhain Operation 00:03:48
14. Centralized Logging 00:03:57
15. Logwatch 00:05:04
Network-Based
1. Network Captures 00:03:08
2. Snort Overview 00:03:47
3. Snort Configuration 00:04:19
4. Snort Usage 00:04:49
5. Snort Rules 00:05:35
6. Monitoring Consoles 00:03:58
7. Suricata Overview 00:02:43
8. Suricata Configuration 00:05:39
9. Suricata Usage 00:03:03
10. Suricata Rules 00:02:57
11. Bro IDS Overview 00:02:09
12. Bro IDS Configuration 00:03:00
13. Bro IDS Usage 00:03:12
14. Bro IDS Rules 00:04:12
15. Oinkmaster 00:03:47
16. Barnyard2 00:04:13
Endpoint Protection
1. Antivirus 00:04:50
2. Data Loss Prevention 00:03:39
3. Windows Defender 00:03:24
4. Application Protection 00:03:05
5. Network Monitoring - Application Usage 00:03:23
6. Spyware 00:03:33
7. Browser Alerts 00:03:08
8. Browser Protections 00:04:09
9. Encryption Certificates 00:04:13
10. E-Mail 00:04:11
Conclusion
1. Conclusion 00:04:16

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Understanding Intrusion Detection Systems

Video Description

Table of Contents

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Understanding Intrusion Detection Systems

Video Description

Table of Contents