Author: Andrew Hay

Snort 2.6.0.2 now available

The Snort Team is pleased to announce the availability of Snort v2.6.0.2. This release includes a number of improvements including the following:

  • Added a DNS preprocessor and protocol decoder. This DNS preprocessor addresses vulnerabilities in Microsoft Windows DNS resolution defined in MS06-041.

Changes to your Snort configuration file are required to utilize this new functionality. Please review release notes at:

http://www.snort.org/docs/release_notes/release_notes_2602.txt

Snort binaries, tarballs, and a detailed set of release notes are available at: http://www.snort.org/dl/

I really can’t wait until I can get my hands on the new Snort Intrusion Detection and Prevention Toolkit book from Syngress.

HowTo Build a Snort-based NSM

Here is a great step-by-step document for creating a Network Security Management infrastructure using Snort, Apache, SSL, PHP, MySQL, and BASE installed on CentOS 4, RHEL 4 or Fedora Core – with NTOP.

Introduction from Patrick Harper, CISSP, RHCT, MCSE:

This is really a deviation from what I have done before. It will start from a minimal install of CentOS 4 or RHEL 4 and will build a Snort sensor/manager. This system will start at the command line and not have X window installed unless you add it during the install. Also you can use Fedora with very little change to this doc.

The document can be downloaded from www.internetsecurityguru.com and so can a VMWare image with the NSM completely configured.

I have personally set this up without running into any issues. I strongly suggest you pre-read the document before attempting the steps so that you understand what is required of you.

A multi-stage approach to securing your email communication

An excellent article is available over at Howto Forge on “A multi-stage approach to securing your email communication”:

When speaking of mail server-related security, one tends to limit the issue to message applied security measures, and even more to Antivirus and Antispam protection. This is however only one stage in the more complex process of securing your server. This article aims at identifying and explaining all security layers, highly important when choosing a certain mail server and consequently when configuring and using it.
