What is Snort? Bonus: How to Write Snort Rules!

Snort is an open-source, signature-based Network-based Intrusion Detection System (NIDS). Actually, Snort is much more than just a NIDS because it also acts as a packet analyzer and a Network-based Intrusion Prevention System (NIPS). Snort was originally developed to be a packet analyzer, and with such sniffing capabilities, it can be used to detect intrusions on...

Intrusion Detection and Prevention Systems

The process of intrusion detection involves monitoring systems or networks for signs and occurrences of events or incidents deemed either suspicious or in violation of an organization's security policy or rule set. An "Intrusion Detection System (IDS)" is a hardware appliance or software that has the ability to detect signs of...

Common Endpoint Vulnerabilities and Their Proper Remediation

Endpoints are end-user devices (think mobile, desktop, peripherals, or otherwise). Mobile smartphones, especially, are common attack vectors. Here, I'll discuss the more predominant vulnerabilities facing our endpoints and what we can do to prevent and mitigate these problems. Malicious E-Mail Attachments: Malicious e-mail attachments are always concerning because many employees click on them and end...

Identifying Network-Related Symptoms of Cyberattacks

Let's assume you have the architecture of your network already established, but you'd like to be able to detect any signs of malicious traffic traversing in and out of your network. One of the things you might want to consider is placing sensors in strategic locations of your network. Intrusion Detection Systems (IDSs) and Intrusion Prevention...

