Linux Server Security (2nd Edition) [Electronic resources] - Text version


Michael D. Bauer








13.5. Resources


Amoroso, Ed. Intrusion Detection. Sparta, NJ: Intrusion.Net Books, 1999.



Excellent introduction to the subject.



Baker, Andrew, Brian Caswell, and Mike Poor. Snort 2.1 Intrusion Detection, Second edition. Syngress, 2004.





Up-to-date details on Snort, ACID, Barnyard, and Sguil.



Card, Rémy, Theodore Ts'o, and Stephen Tweedie. "Design and Implementation of the Second Extended Filesystem." (http://web.mit.edu/tytso/www/linux/ext2introl)





Excellent paper on the Linux EXT2 filesystem; the section
entitled "Basic File System Concepts" is of particular interest
to Tripwire users.


Northcutt, Stephen and Judy Novak. Network Intrusion Detection: An Analyst's Handbook. Indianapolis: New Riders Publishing, 2001.




A very practical book with many examples showing system log excerpts
and configurations of popular IDS tools.


http://www.chkrootkit.org/


Home of the chkrootkit shell
script and an excellent source of information about how to detect and
defend against rootkits.


http://sourceforge.net/projects/tripwire


Project pages for Tripwire Open Source. The place to obtain the
latest Tripwire Open Source code and documentation.


http://prdownloads.sourceforge.net/tripwire/tripwire-2.3.0-docs-pdf.tar.gz


Tripwire Open Source Manual and the Tripwire Open Source Reference
Card in PDF format. Required reading! (If this link
doesn't work, try http://sourceforge.net/project/showfiles.php?group_id=3130)

http://www.tripwire.org


Home page for Tripwire Open Source. Binaries for Linux
available here.


http://www.tripwire.com/downloads/tripwire_asr/


Tripwire Academic Source Release download site.


http://securityportal.com/topnews/tripwire20000711l


Article on using Tripwire Academic Source Release, by Jay Beale
(principal developer of Bastille Linux).


http://sourceforge.net/projects/aide


Official web site for the Advanced Intrusion
Detection Environment (AIDE).


http://www.geocities.com/fcheck2000/


Official web site for Fcheck, an extremely portable integrity
checker written entirely in Perl.


Ranum, Marcus J. "Intrusion Detection & Network Forensics."



Presentation E1/E2 at the Computer Security
Institute's 26th Annual Computer Security Conference
and Exhibition, Washington, D.C., 17-19 Nov 1999.


http://www.snort.org


Official Snort web site: source, binaries,
documentation, discussion forums, and amusing graphics.


http://acidlab.sourceforge.net/


The Analysis Console for Intrusion Databases (ACID) is a PHP
application that analyzes IDS data in real time. ACID is a popular
companion to Snort because it helps make sense of large Snort data sets.


http://www.algonet.se/~nitzer/oinkmaster


Home of the Oinkmaster auto-Snort rules update
script.


http://www.whitehats.com


Security news, tools, and the arachNIDS attack signature database
(which can be used to update your Snort rules automatically
as new attacks are discovered).


http://www.lids.org


The Linux Intrusion Detection System (LIDS) web site. LIDS is a kernel
patch and administrative tool that provides granular logging and access
controls for processes and for the filesystem.


