Win Snort

Installation of WinSnort Contents creative activity I have been tasked with evaluating the latest WinIDS AIO pack from Winsnort. com to determine whether it would be suitable as the intrusion staining System (IDS) on the company earnings. Within this report i will include the details of the exam deployment, give a recommendation and then evaluate the product. What is an IDS? Intrusion in this case is where someone or something as it may be has entered a computer on a network without invitation in tone-beginning to compromise it. Without any systems in place it can be too late before you measure an intruder. his is where an intrusion detection system comes into play. In snort 2. 0 an IDS is described as a exalted tech burglar alarm. An IDS is configured to monitor access points, hostile activities and known intruders. An IDS can work similarly to an anti-virus where it stores touch modalitys of previous or known intruders, the more secure IDSs have huge databases of these sign atures and can detect patterns activity, traffic, or behaviour it sees in the logs it is monitoring against those signatures to recognize when a close match between a signature and current or recent behaviour occurs.When an IDS detects an intruder or potential risk it can restitution an alarm or alert and/or automatically take action. Deployment As said in the intro there was a certain IDS that we had to deploy and find out certain information about it, for spokesperson ease of installation, administration, usability, effectiveness as an IDS and also if there were additional features available. Usually Snort is installed on a Linux operating system but in this case we be going to install it using a windows operating system.Due to it being installed on windows server 2003 it made the difficulty of installation a tidy sum higher as there is not as much documentation on it. There are a number of steps involved when trying to install Snort. Unlike many systems this IDS has to be in stalled in separate parts. The main parts include Installing WinPcap Installing and Configuring Snort Installing Apache Web waiter Installing and configuring PHP Configuring WinIDS to run as service Installing and configuring MySQL Installing ADODBInstalling and configuring the WinIDS tribute Console Creating the WinIDS Security Console Database Tables Configuring the Graphing for the WinIDS Console Securing the WinIDS Security Console Within these parts there is a lot of modify of files through use of opening the main configuration files in WordPad and adapting to our installation. Documentation Recommendation Snort is, by far, the gold standard among open source NIDS systems, with over 100,000 users and 3 million downloads to date.Snort signatures are unplowed up-to-date by its dedicated users and the Snort website has ample documentation including tutorials. It is not, however, easy to use and requires an experienced guarantor IT professional to configure it properly. The fac t that its free makes it the darling of small and medium-sized businesses that cannot afford the fancy GUIs and wizards of commercial network security products. http//www. enterprisenetworkingplanet. com/netos/article. php/10951_3684306_1 Evaluation References