02233

Netværkssikkerhed
Network Security

• Introduktion
• Nessus Scan
• Nessus Questions
• Snort Questions
  • Question 1
  • Question 2
  • Question 3
  • Question 4
  • Question 5
  • Question 6
  • Question 7
  • Question 8
  • Question 9
  • Question 10
  • Question 11
  • Question 12
  • Question 13
  • Question 14
  • Question 15
  • Question 16
  • Question 17
  • Question 18
• References

Question 18

Given the company network from the exercises, where would one or more Snort IDS be positioned in the network, and how should they be put to use?

1. between the router and the firewall - to see what's being attempted
2. behind the firewall - to see if any attacks are actually entering the corporate network
3. on each separate network segment - to see if any suspicious activity is taking place (see question 12 for examples)
4. on each web-host - as HIDS to scan for the things that are hard or impossible to detect on the network

Bjarne D Mathiesen

Michael Pantridge

Thabet Al-Assdi

Chang Jensen