Tuning Snort with Host Attribute Tables - CSO Online - Security and Risk.
Here is an article I wrote for CSO magazine, thought the readers of my blog might like to check it out as well.
I was asked to write a fairly technical article for CSO magazine about Snort, the problem is, which part of Snort do you write the article for? An article about Snort can be very technical or not so technical. One of the advantages of having Open-Source software.
In any case, enjoy.
Subscribe to:
Post Comments (Atom)
-
Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so... -
Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical. I don't want to...
-
In my constant state of trying to make things a bit more efficient for myself. (I'm a big believer in automation, ask anyone that has e...
5 comments:
Joel,
Excellent article!
One suggestion, though: you might want to mention that the HTML paragraph tags at the beginning and end of the sample attribute table are artifacts of that particular website and NOT part of a valid attribute table.
Regards,
Doug Burks
Yeah, but hopefully people won't cut and paste out of the article and will make their own.
One can hope right?
Joel,
Excellent article!
One suggestion, though: you might want to mention that the HTML paragraph tags at the beginning and end of the sample attribute table are artifacts of that particular website and NOT part of a valid attribute table.
Regards,
Doug Burks
Yeah, but hopefully people won't cut and paste out of the article and will make their own.
One can hope right?
[...] I talked about the above here. [...]
Post a Comment