Security with Snort and OSSEC
Date and Time
Wednesday, January 18, 2012 from 6:30 pm to 9:00 pm
Chris O'Connell discusses host and network intrusion detection using Snort and OSSEC
Snort is an open source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.