Open source anti-theft solution for Mac, PCs & Phones – Prey. Ugolog - Online video monitoring system. Watch, Learn and Contribute Computer Security Videos. Firewall Builder. ZoneMinder: Linux Home CCTV and Video Camera Security with Motion Detection. Secgeeks - information security. SSH Tunnels - Linuxlogin.com. Packet Crafting for Firewall & IDS Audits (Part 2 of 2) Introduction This is the second of a two-part article series that discusses various methods of testing the integrity of your firewall and IDS, using low-level TCP/IP packet crafting tools and techniques. Part one showed several examples that tested a firewall (port 80 TCP, and port 53, UDP) using tools like hping and tcpdump. We will now continue the discussion with a third test of the firewall, using the same tools as noted above, and then move on to test your IDS signatures and detection ability.
Note that the focus here is on a Linux environment, but the process is similar with other Unix-like firewall/IDS environments as well. Please familiarize yourself with part one of this article before continuing on with this paper. Testing your firewall - third example, ICMP echo requests The example shown below is a simple ICMP echo request to see if a machine is alive, in this case our test machine.
This time there is one packet received as was noted above, and the round trip time is shown. Optimizing NIDS Performance. Introduction Network intrusion detection systems (NIDSs) face some of the most gruelling challenges of any security product. Not only is the bandwidth these devices monitor increasing, so are the amount of attacks they must guard against. The combination of these two factors could overwhelm a NIDS, causing it to drop packets. To help the NIDS keep up with the demands of today’s networks, and the wide variety of threats that besiege them, there are a number of things that the NIDS administrator can do to improve the performance of their NIDS.
This article will examine some of those options. Review The NIDS Deployment Policy Before doing anything, the NIDS administrator needs to review the current NIDS deployment policy. Filtering Signatures Once the policy has outlined the general strategy that the security staff will implement, the first thing that the NIDS engineer should do is trim the amount of attacks that the NIDS will look for.
Figure 1. Filtering Unwanted Traffic (Monitoring NIC) Testing security with hping. Internet Security Guru. Armor Your Palace. A guide to securing your home and home network with inexpensive hardware, open source software and about 8 hours of dedicated time.
This is a living document, updated on a regular basis to reflect additional best practice methodologies, tips and tricks as they become available. In this guide, we will walk you through the process of building and configuring security systems to protect your home and home/office network through the use of motion-sensing digital security cameras, advanced firewalls, intrusion detection systems, and realtime notification mechanisms. In a mere eight hours, we will endeavor to build and configure a moderately sophisticated wired and wireless home or office LAN with a DMZ for public-facing services, strong ingress and egress filtering for all connected subnets and a realtime risk management console with live monitoring and alerts by email and/or telephone! Technorati Tags: howto, linux, privacy, security Planning For your firewall: Additional Software: Implementation. KarKomaOnline - For SysAdmins.
Intrusion detection and prevention learning guide. More on intrusion detection and prevention Threats expert Nick Lewis explains how to prevent data exfiltration via covert channels SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost.
Join me on SearchSecurity.com today! It's no secret that a layered security strategy is the key to protecting enterprise networks from malicious intrusions. And one of the major components in that strategy is having solid intrusion detection and intrusion prevention technology and supporting processes. This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention . Here, security professionals will gain some insight on the basics of network intrusion detection systems by learning how to determine which IDS/IPS technology is right for their enterprises as well as the key differences between the IDS and IPS technologies.
Hacking Linux Exposed. Intrusion Detection FAQ - The Internet's most trusted site for vendor neutral intrusion detection information. Secure Access / Login Intrusion Detection FAQ The Internet's most trusted site for vendor neutral intrusion detection information.
Updated May 19, 2010 View Press Release Click here for Intrusion Detection In-Depth: The Most Advanced Intrusion Detection Immersion Training Available The Basics Terms, Theory and Research.