Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

A DIY Project for Network Security

With sparse resources, our security manager has to do things herself. But a call has her feeling like part of the team. By C.J. Kelly

June 6, 2005 12:00 PM ET

Computerworld - The past few weeks have been frustrating and rewarding all at the same time. I had set a goal to configure an intrusion-detection system (IDS) using the de facto standard, Snort on Linux. In our environment, we have very little in the way of security tools and devices, and little or no budget to procure such items. This project was the first step in being able to detect potentially malicious network traffic as inexpensively as possible.
Having never done this personally because I previously managed engineers who knew how, and currently having no security-savvy staff to rely on, I was both tentative and excited.
I did several things to prepare. I found a white paper explaining the steps in detail. I figured that, if nothing else, I could follow directions. I also purchased and read a book, The Tao of Network Security Monitoring: Beyond Intrusion Detection, by Richard Bejtlich (Addison Wesley Professional, 2004).
I also met with a friend and colleague, a CISSP and information security officer at a small company, who I knew had been running a similar system for many years. I tried to work my way through the Snort manual but then quickly put it aside as a reference for when I had the system configured and running.
Dumb Frustrations
The system is now in production and is producing volumes of data. The challenge is to analyze this data and make sense of it.
There were so many small frustrations along the way that, at this point, I feel only relief that it appears to be working. I had what I call "dumb" frustrations.
For instance, I had a hard time downloading the enormous Red Hat Fedora Core 3 image files and burning those files to CD in the proper format. After numerous attempts and a dozen CDs that wouldn't boot, my colleague created a set of CDs for me to use.
Once the Linux operating system was installed, I realized that I couldn't remember Linux bash commands, so I printed a cheat sheet. Fortunately, the vi text editor commands came back to memory quickly. I followed the directions for installing the additional software needed for the system, step by step by step, then rebooted.
The system appeared to hang at a particular point, so I searched the Linux-newbie newsgroups for a solution. I never did find the exact solution, so I decided that I had done something wrong and rebooted using the rescue CD.
Things went downhill from there, as I manually edited various configuration files



Jump to comments

Security

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

Death to PST Files
Download Now  

Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".

eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!  

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...


IT Jobs