Rating: 0 out of 5 stars
0 ratings
Ebook453 pages12 hours
How to Cheat at Configuring Open Source Security Tools
By Michael Gregg, Eric Seagren, Angela Orebaugh and
Rating: 0 out of 5 stars
()
About this ebook
The Perfect Reference for the Multitasked SysAdmin
This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.
* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, and monitor to know if they’re being exceeded and watch for unauthorized traffic on your network.
This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.
* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, and monitor to know if they’re being exceeded and watch for unauthorized traffic on your network.
- Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet
- Follows Syngress' proven "How to Cheat" pedagogy providing readers with everything they need and nothing they don't
Author
Michael Gregg
Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years' experience in the IT field. He holds two associate’s degrees, a bachelor’s degree, and a master’s degree and is certified as CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. Michael's primary duty is to serve as project lead for security assessments, helping businesses and state agencies secure their IT resources and assets. Michael has authored four books, including Inside Network Security Assessment, CISSP Prep Questions, CISSP Exam Cram2, and Certified Ethical Hacker Exam Prep2. He has developed four high-level security classes, including Global Knowledge's Advanced Security Boot Camp, Intense School's Professional Hacking Lab Guide, ASPE's Network Security Essentials, and Assessing Network Vulnerabilities. He has written over 50 articles featured in magazines and Web sites, including Certification Magazine, GoCertify, The El Paso Times, and SearchSecurity. Michael is also a faculty member of Villanova University and creator of Villanova's college-level security classes, including Essentials of IS Security, Mastering IS Security, and Advanced Security Management. He also serves as a site expert for four TechTarget sites, including SearchNetworking, SearchSecurity, SearchMobileNetworking, and SearchSmallBiz. He is a member of the TechTarget Editorial Board.
Read more from Michael Gregg
CASP+ CompTIA Advanced Security Practitioner Study Guide: Exam CAS-003 Security Administrator Street Smarts: A Real World Guide to CompTIA Security+ Skills Rating: 3 out of 5 stars3/5The Network Security Test Lab: A Step-by-Step Guide Rating: 0 out of 5 stars0 ratingsHack the Stack: Using Snort and Ethereal to Master The 8 Layers of An Insecure Network Rating: 0 out of 5 stars0 ratingsInfoSecurity 2008 Threat Analysis Rating: 0 out of 5 stars0 ratings
Related to How to Cheat at Configuring Open Source Security Tools
Titles in the series (10)
How to Cheat at Designing a Windows Server 2003 Active Directory Infrastructure Rating: 0 out of 5 stars0 ratingsHow to Cheat at Securing a Wireless Network Rating: 2 out of 5 stars2/5How to Cheat at Managing Information Security Rating: 0 out of 5 stars0 ratingsHow to Cheat at Configuring Open Source Security Tools Rating: 0 out of 5 stars0 ratingsHow to Cheat at VoIP Security Rating: 0 out of 5 stars0 ratingsHow to Cheat at Configuring ISA Server 2004 Rating: 0 out of 5 stars0 ratingsHow to Cheat at Deploying and Securing RFID Rating: 0 out of 5 stars0 ratingsHow to Cheat at Configuring Exchange Server 2007: Including Outlook Web, Mobile, and Voice Access Rating: 0 out of 5 stars0 ratingsHow to Cheat at Windows System Administration Using Command Line Scripts Rating: 0 out of 5 stars0 ratingsHow to Cheat at IIS 7 Server Administration Rating: 0 out of 5 stars0 ratings
Related ebooks
Wireshark & Ethereal Network Protocol Analyzer Toolkit Rating: 0 out of 5 stars0 ratingsHow to Cheat at Securing a Wireless Network Rating: 2 out of 5 stars2/5Snort Intrusion Detection 2.0 Rating: 4 out of 5 stars4/5Stealing The Network: How to Own the Box Rating: 4 out of 5 stars4/5Kismet Hacking Rating: 0 out of 5 stars0 ratingsNmap in the Enterprise: Your Guide to Network Scanning Rating: 0 out of 5 stars0 ratingsOS X Exploits and Defense: Own it...Just Like Windows or Linux! Rating: 0 out of 5 stars0 ratingsSecure Your Network for Free Rating: 5 out of 5 stars5/5Developer's Guide to Web Application Security Rating: 3 out of 5 stars3/5XSS Attacks: Cross Site Scripting Exploits and Defense Rating: 3 out of 5 stars3/5Combating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat Rating: 4 out of 5 stars4/5Building Virtual Pentesting Labs for Advanced Penetration Testing Rating: 0 out of 5 stars0 ratingsHow to Cheat at Deploying and Securing RFID Rating: 0 out of 5 stars0 ratingsAsterisk Hacking Rating: 0 out of 5 stars0 ratingsApplied Network Security Rating: 0 out of 5 stars0 ratingsPenetration Testing with the Bash shell Rating: 0 out of 5 stars0 ratingsBotnets: The Killer Web Applications Rating: 5 out of 5 stars5/5Mobile Malware Attacks and Defense Rating: 5 out of 5 stars5/5AVIEN Malware Defense Guide for the Enterprise Rating: 0 out of 5 stars0 ratingsSeven Deadliest Network Attacks Rating: 3 out of 5 stars3/5Mastering Kali Linux for Web Penetration Testing Rating: 4 out of 5 stars4/5Introduction to US Cybersecurity Careers Rating: 3 out of 5 stars3/5Hack Proofing Your Identity In The Information Age Rating: 4 out of 5 stars4/5Hack Proofing Your Network Rating: 0 out of 5 stars0 ratingsLearning iOS Penetration Testing Rating: 0 out of 5 stars0 ratingsMetasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research Rating: 0 out of 5 stars0 ratingsHow to Cheat at VoIP Security Rating: 0 out of 5 stars0 ratingsHow to Cheat at Securing Your Network Rating: 0 out of 5 stars0 ratingsWeb Application Vulnerabilities: Detect, Exploit, Prevent Rating: 0 out of 5 stars0 ratingsSeven Deadliest Web Application Attacks Rating: 0 out of 5 stars0 ratings
Security For You
Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5Hacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber Security Rating: 0 out of 5 stars0 ratingsCompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5Practical Ethical Hacking from Scratch Rating: 5 out of 5 stars5/5Practical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Hacking For Dummies Rating: 4 out of 5 stars4/5Game Console Hacking: Xbox, PlayStation, Nintendo, Game Boy, Atari and Sega Rating: 0 out of 5 stars0 ratingsCompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsAmazon Web Services (AWS) Interview Questions and Answers Rating: 5 out of 5 stars5/5IAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsHow to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Network+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Codes and Ciphers - A History of Cryptography Rating: 4 out of 5 stars4/5CompTIA CySA+ Practice Tests: Exam CS0-002 Rating: 0 out of 5 stars0 ratingsSocial Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Security+ Boot Camp Study Guide Rating: 5 out of 5 stars5/5
Related podcast episodes
Bonus: Afternoon Cyber Tea: IoT-Based Infrastructures 0% found this document usefulMobile Forensics 0% found this document usefulCybersecurity and Hacking with Kevin Mitnick 0% found this document usefulTCP & UDP: with Adam Woodbeck 0% found this document usefulEpisode 233: Manual unit testing and WFH demotivation 100% found this document usefulRERUN: Hacking for Dollars 0% found this document usefulIs enhanced hardware security the answer to ransomware? [CyberWire-X] 100% found this document usefulcybersecurity maturity model certification (CMMC) (noun) [Word Notes] 0% found this document useful
Related articles
People Are Secretly Buying Handguns On The Dark Web FuturityArticle
People Are Secretly Buying Handguns On The Dark Web
Apr 24, 2019
2 min readUse Home Assistant NodeRED devices Linux FormatArticle
Use Home Assistant NodeRED devices
May 31, 2022
NodeRED is an open source graphical programming environment that can be used to complete a large number of tasks. Graphical programming languages tend to be more intuitive than textual programming languages and can be easier to learn. Support is buil
5 min readBuilding PCs Linux FormatArticle
Building PCs
Apr 7, 2020
2 min read‘Open Ports’ Leave a Hole in Smartphone Security FuturityArticle
‘Open Ports’ Leave a Hole in Smartphone Security
May 8, 2017
Smartphone apps that use “open ports” to share and receive data are more vulnerable to security breaches than previously thought, mainly due to the their widespread use in internet communication, a new study suggests. The vulnerability the researcher
3 min readSecure Your Servers Linux FormatArticle
Secure Your Servers
Apr 7, 2020
No matter what you do with your Linux servers you will almost certainly have SSH access to them. Indeed this might be the only access you have, so it would be wise to secure it. Naturally, you will already be using a strong password and will have alr
4 min readHack The Planet/Parrot Linux FormatArticle
Hack The Planet/Parrot
May 31, 2022
2 min read“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive” PC Pro MagazineArticle
“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive”
Jan 6, 2022
7 min readHow To Manage Network Devices MacLifeArticle
How To Manage Network Devices
Mar 30, 2021
1 min readHack The System Linux FormatArticle
Hack The System
Dec 17, 2019
If you followed our handy guide on the previous pages, then you’ll already have augmented your Kali Light installation with Nmap, a port-scanning utility par excellence and a vital part of any pen-tester’s arsenal. As mentioned on the DVD page (there
4 min readHacker Distributions Linux FormatArticle
Hacker Distributions
Nov 17, 2020
1 min readPlugins For Nnn APCArticle
Plugins For Nnn
Aug 10, 2020
Nnn is tiny but highly extensible. There are several plugins available in the Git repo (check out the list at https://github.com/jarun/nnn/tree/ master/plugins, which also shows their dependencies), and even a script to install them easily. You can r
1 min readOnline Privacy APCArticle
Online Privacy
Oct 3, 2022
BEN MANSILL Finds Facebook genuinely useful a couple of times a year. Hi everyone, I hope you made the most of the non-stop and seemingly endless winter, and are now out and about a bit more getting your Vitamin D from the sun, not a pill. It can fee
2 min readKRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know MacWorldArticle
KRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know
Nov 29, 2017
5 min readThe Logical Volume Manager Linux FormatArticle
The Logical Volume Manager
Jul 2, 2019
5 min readHow to Protect Your Small Business Against a Cyber Attack EntrepreneurArticle
How to Protect Your Small Business Against a Cyber Attack
Feb 1, 2013
8 min readRun Windows 11 on a Raspberry Pi 4 Maximum PCArticle
Run Windows 11 on a Raspberry Pi 4
Feb 1, 2022
5 min readHacker’s Manual Linux FormatArticle
Hacker’s Manual
Nov 17, 2020
1 min readThe 5 Worst Home Networking Mistakes and How to Avoid Them Residential Tech TodayArticle
The 5 Worst Home Networking Mistakes and How to Avoid Them
Oct 15, 2020
4 min readScan Your Network From The Inside PC Pro MagazineArticle
Scan Your Network From The Inside
Apr 10, 2022
2 min readImprove Your Typing Linux FormatArticle
Improve Your Typing
Dec 13, 2022
GNU T YPIST Credit: www.gnu.org/software/gtypist OUR EXPERT Shashank Sharma is a trial lawyer in New Delhi and an avid Arch user. He’s quite happy with his typing speed, errors and all. Touch-typing is the ability to type without looking at the keybo
5 min readSherlock Linux FormatArticle
Sherlock
May 31, 2022
1 min readAn Algorithm That Hides Your Online Tracks With Random Footsteps The AtlanticArticle
An Algorithm That Hides Your Online Tracks With Random Footsteps
Apr 11, 2017
4 min readMicrosoft Says Hackers Viewed Source Code, Didn’t Change It TechLife NewsArticle
Microsoft Says Hackers Viewed Source Code, Didn’t Change It
Jan 9, 2021
1 min readRise Of The Robots Linux FormatArticle
Rise Of The Robots
Jan 12, 2021
7 min readRemove Malware From Your PC APCArticle
Remove Malware From Your PC
Nov 4, 2019
3 min readAirwave Autonomy RECOIL OFFGRIDArticle
Airwave Autonomy
Aug 10, 2021
7 min readIntroducing Kali Maximum PCArticle
Introducing Kali
Mar 2, 2021
4 min readTurn Your Raspberry Pi Into A Cloud Server Linux FormatArticle
Turn Your Raspberry Pi Into A Cloud Server
Aug 24, 2021
6 min readBeginner Distros There Are Dozens Of Distributions Aimed At New And Inexperienced Linux Users. Shashank Sharma Narrows The Selection Down To Five. Linux FormatArticle
Beginner Distros There Are Dozens Of Distributions Aimed At New And Inexperienced Linux Users. Shashank Sharma Narrows The Selection Down To Five.
Feb 11, 2020
1 min readA 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack NPRArticle
A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack
Apr 16, 2021
20 min read
Reviews for How to Cheat at Configuring Open Source Security Tools
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
How to Cheat at Configuring Open Source Security Tools - Michael Gregg
Enjoying the preview?
Page 1 of 1