Untitled

By: a guest on Oct 20th, 2011
From page 249 of Malware Analyst's Cookbook:

"""
You can visit the Snort project’s home page for additional documentation and tutorials. Some of the ideas you might consider implementing into your lab environment are:

• Enabling and disabling signatures or entire rulesets as desired

• Configuring oinkmaster for keeping signatures updated

• Compiling Snort using the --with-mysql flags to write logs and alerts to a MySQL database. Then you can view and analyze alerts via web interface by installing BASE

• Configuring the pre-processors and different options in snort.conf
"""

From http://www.sectechno.com/2011/05/28/capturing-and-analyzing-malicious-network-traffic/

"""
For more about Snort project you can visit their home page where you find additional documentation and tutorials. Some of the ideas you might consider implementing into your testing environment are:

• Enabling and disabling signatures or entire rulesets as desired

• Configuring oinkmaster5 for keeping signatures updated

• Compiling Snort using the –with-mysql flags to write logs and alerts to a MySQL database.

• Configuring the pre-processors and different options in snort.conf
"""

Do you see the 5 after oinkmaster5 in your copied version? That's a footnote in the real book. There is no such thing as oinkmaster5. This only happened because you clearly copy & pasted from the PDF version of the book.