Using Snort for Network-Based Forensics

ثبت نشده
چکیده

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Improvement and parallelization of Snort network intrusion detection mechanism using graphics processing unit

Nowadays, Network Intrusion Detection Systems (NIDS) are widely used to provide full security on computer networks. IDS are categorized into two primary types, including signature-based systems and anomaly-based systems. The former is more commonly used than the latter due to its lower error rate. The core of a signature-based IDS is the pattern matching. This process is inherently a computatio...

متن کامل

A Survey about Network Forensics Tools

This paper gives an overview about the main tools and techniques available to ensure forensic investigations of network security attacks. Given that Web and Email services are the most common used network communication schemes, we mainly focus on the forensic investigation of Email and Web services attacks. Moreover, we present a set of forensics tools used for network traffic capture such as S...

متن کامل

The Honeynet Files

exploits in a honeypot is an unusual event). For the latter, we want a better understanding of the areas of interest and hidden links between blackhat teams. One way to achieve these goals is to increase the verbosity of our honeypot logs and traces so that we learn every single action the intruder made. The most common tools for doing this are Sebek (http://project.honeynet.org/tools/ sebek/) ...

متن کامل

Wireless Snort - A WIDS in progress

The Snort intrusion detection system is a widely used and well-regarded open sourcesystem used for the detection of malicious activity in conventional wired networks. Recently, software patches to enable 802.11 wireless intrusion detection capability in Snort have been released. This paper focuses on the lessons learned from a live deployment of these wireless extensions to the Snort IDS. Gener...

متن کامل

Avoiding Cyber-attacks to DMZ and Capturing Forensics from Intruders Using Honeypots

Nowadays, honeypots are widely used to divert attackers from the original target and keep them busy within a decoy environment. DeMilitarized Zone (DMZ) is an important zone for network administrators, because many of the services to the public network is provided at this zone. Many of the security tools such as firewalls, intrusion detection systems and several other secu...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010