Questions tagged [Intrusion detection systems] (15)

1
answer

Bannergatta proxy IDS in one bottle?

What would you recommend to put on dev. The meaning of the maximal cut different ads like "Soda is the answer" and other slag. The network is under full control, and I want to cut this whole mess on tablets and mobile. Therefore, SSL traffic is important. Is there such a thing? pfsense is also? Nginx + scripts?
kameron_Murazik asked April 4th 20 at 13:13
1
answer

How to distribute L2TP connection to Mikrotik in the LAN?

The scheme is simple: L2TP VPN server - Internet - Mikrotik - Ethernet Intranet on Mikrotik is the static 10.156.72.1 (ether1). The local network is 192.168.88.0/24 (ether2). L2TP network 192.168.42.0/24 (l2tp-out1). How to give Mikrotik to the local Internet with a L2TP VPN server? Tried to Mikrotik to register the default ga...
2
answers

Which intrusion detection system for Linux is more functional?

Hello. Tell me, which intrusion detection system is more functional and user-friendly? I lean toward OSSEC, but maybe there are some more interesting analogs? Also interested in the question of the web shell for this case. The default for OSSEC does not look too user-friendly and informative, I saw the option of displaying info...
raleigh_Larson asked March 18th 20 at 21:21
3
answers

What IDS/IPS (intrusion detection and prevention systems), as well as protection against unauthorized access, to use in a Windows environment?

Good time of day. There are 1000+ PCs with MS Windows Board. There is an AD and a bunch of other Windows servers (terminal, mssql, oracle, hyper-v, failover cluster). There is a file repository for the exchange of information, sometimes confidential and constituting official secret. Auditing all access events for files and co...
Mozell.Bradtke asked October 7th 19 at 19:47
4
answers

IDS / IPS for your web site?

Comrades, tell me what is on the market for open source IDS or IPS for web sites. Interested in controlling function SQL injection, XSS, include, attacks and other. Need to detect the probable pentest of the website.
Zelma5 asked October 3rd 19 at 06:46
2
answers

How to let the traffic from one Windows to another?

There is a network, organized through the router, at the moment it is Dir-300 (192.168.0.1). There is a computer on Windows 7 with the address 192.168.0.100, and a laptop with address 192.168.0.102. And there is a VMware virtual machine configured in bridge mode, with the address 192.168.0.103. The idea is that any piece...
jesus.Rutherford74 asked September 28th 19 at 00:08
2
answers

What's Snort?

Good day to all! Recently put Snort on the server. Because of experience with it have hardly left the default configs. Now records like this have begun to appear in the alert log: [**] [1:527:8] BAD-TRAFFIC same SRC/DST [**] [Classification: Potentially Bad Traffic] [Priority: 2] 10/23-05:04:22.637386 0.0.0.0 -> 224.0.0....
Calista.Bod asked September 24th 19 at 14:23
1
answer

What is the utility to verify how to fulfill the signature IDS/IPS?

Please tell me the utility to validate the IDS/IPS on the exercise signatures? Something like Nessus. Tried McAfee Evader - did not come. Preferably the solution out of the box, as time is set aside few and the task is not repetitive. Thank you!
sven28 asked September 21st 19 at 05:24
2
answers

Use one OS for multiple intrusion detection systems, does it make sense?

Increases the effectiveness of the work of several intrusion detection systems? If with Snort will work any more 2 system for example. They are arranged a little different. If yes, please give examples of specific systems. And if not, just recommend a good HIDS/NIDS
everette_Ankunding10 asked September 20th 19 at 23:52
4
answers

AI: C++ or Python?

Hello, I am a third-year student. As nirsa plan to try to develop IDS/IPS with heuristic functions, that is, some semblance of AI for decision making in computer networks. There is a question about the choice of programming language: Python or C++?
ernie52 asked September 20th 19 at 22:00