HSC
Network Security Consulting Agency Since 1989 - Specialized in Unix, Windows, TCP/IP and Internet
 Text mode: access to the page content
Hervé Schauer Consultants
You are here: Home > Resources > Lectures > Intrusion detection with Shadow
Go to: HSC Trainings
Search:  
 Version française
   Services   
o Skills & Expertise
o Consulting
o ISO 27001 services
o Vulnerabilities monitoring
o Audit & Assessment
o Penetration tests
o Vunerability assessment (TSAR)
o Forensics
o ARJEL
o Training courses
o E-learning
   Conferences   
o Agenda
o Past events
o Tutorials
   Resources   
o Thematic index
o Tips
o Lectures
o Courses
o Articles
o Tools (download)
o Vulnerability watch
   Company   
o Hervé Schauer
o Team
o Job opportunities
o Credentials
o History
o Partnerships
o Associations
   Press and
 communication 		  
o HSC Newsletter
o Press review
o Press releases
o Publications
   Contacts   
o How to reach us
o Specific inquiries
o Directions to our office
o Hotels near our office
|>|Intrusion detection with Shadow  
> Access to the content HTML Beginning of the presentation  
> Description Presentation of the Shadow (CIDER) intrusion detection tool from the Navy.  
> Context & Dates Talk made before the SUR group from the OSSIR , on 6 July 1999.
 
> Author Tristan Debeaupuis 
> Type 33 slides [ French - HTML ]  
> Abstract &
Table of content		 Flyleaf
Introduction
Plan
Introduction
Organisation de la mise en place
Limites sans IDS
SHADOW : le nécessaire
Vue globale de l'architecture
Architecture mise en place
SHADOW est un atelier
Pourquoi TCPdump ?
Type d'IDS
Proposition d'architecture
Téléchargement du logiciel
Mettre en place un senseur
Mettre en place la station d'analyse
Les filtres
Un filtre IMAP
Un filtre NFS et la sortie
C'est facile
Affiner un filtre
Le filtre Core_Hosts
Filtre serveur Web Core_Host Filter
Filtre Core_Host pour les serveurs Web Interpretation
Filtre Bad_Events
Filtre Bad_Hosts
Filtres ... fin
Affichage
Affichage
Affichage sur le long terme
Affichage sur le long terme
Ce qu'il vous reste à faire
Mise en place du modèle optimal
Conclusion  
> Related documents
themeIntrusion Detection
[Tip]  Argus [19 February 2002 - French/English]
[Course]  Advanced Intrusion Detection
[Presentation]  Encrypting hostile Web content over HTTP [31 May 2007 - French]
[Presentation]  Intrusion Prevention : New reinforcement tools for perimetric defense [16 June 2005 - French]
[Presentation]  Generation of regular expressions from logged events [2 February 2005 - French]
[Presentation]  Intrusion detection and network forensic [6 May 2004 - French]
[Presentation]  Intrusion Detection [25 September 2002 - French]
[Tip]  Advanced Intrusion Detection Environment (AIDE) [9 January 2002 - French]
[Tip]  Follow-up on discovering the libnids [6 September 2001 - French]
[Tip]  Introduction to the libnids [13 April 2001 - French]
[Tool]  rkscan tool [Rootkit scanner for loadable kernel-module rootkits - English]
[Tip]  RKSCAN: Scanner for loadable kernel-module rootkits [25 October 2000 - English]
[Tip]  Presentation and detection of the ADORE rootkit [16 October 2000 - French]
[Tool]  IDSwakeup tool [Test of intrusion detection systems - English]
[Presentation]  Round table on intrusion detection [8 June 2000 - French]
[Presentation]  Technical method to evade intrusion detection system. [27 March 2000 - French]
[Presentation]  Help to detect attack, intrusion and anomaly. [27 March 2000 - French]
[Presentation]  Introduction to intrusion detection [26 January 2000 - French]
[Presentation]  Presentation of some free software for intrusion detection [26 January 2000 - French]
> Copyright © 1999, Hervé Schauer Consultants, all rights reserved.

 

Last modified on 22 April 2002 at 15:08:40 CET - webmaster@hsc.fr
Information on this server - © 1989-2010 Hervé Schauer Consultants