How to Analyse IDS/IPS alert in proper way


SRIHARI RAJ

Jun 29, 2016, 10:56:21 AM
to securit...@googlegroups.com
Hello all,

I need your guidance/procedure to investigate Sourcefire IDS/IPS critical alerts in a proper and structured way. Can anyone please help with this? Also, please provide me with IDS/IPS learning sources and sample investigation documents/templates.


Thanks in advance

Hari.

Nishant Gupta

Jul 15, 2016, 1:07:04 PM
to securit...@googlegroups.com
Hi Hari,

I think I can help you on this.
For viewing my WAF I use jwall audit viewer.
You can get it from here:
https://www.jwall.org/web/audit/viewer.jsp
And I can give you some sample files to view too. Stay tuned.
For any query you can communicate with me here.

-Nishant


--
Our Infosec Network
------------------------------
SecurityXploded - http://securityxploded.com/
SecurityTrainings - http://securitytrainings.net/
MalwareNet - http://malwarenet.com
SecurityPhresh - http://securityphresh.com
---
You received this message because you are subscribed to the Google Groups "SecurityXploded" group.

gaurav damri

Jul 16, 2016, 6:53:00 AM
to securit...@googlegroups.com
Can anyone guide me to name famous/useful VAPT tools... Even commercial ones!!
--
Regards
Gaurav Damri

SRIHARI RAJ

Jul 16, 2016, 6:53:00 AM
to securit...@googlegroups.com

Thank you Nitin,

I can go through the suggested link.

I will come back here.

Thanks
Hari.

SRIHARI RAJ

Jul 16, 2016, 6:53:00 AM
to securit...@googlegroups.com
Hello Nishant,

I have browsed https://www.jwall.org/security/. But I'm not understanding exactly; maybe I don't have more Java skills. Can you please help me with IDS/IPS?



Thanks

Hari.

NaxoneZ .

Jul 16, 2016, 6:53:00 AM
to securit...@googlegroups.com

Hi,

You can try with this tool:

http://pytbull.sourceforge.net/

Regards



Nishant Gupta

Jul 20, 2016, 9:43:28 AM
to securit...@googlegroups.com
Hi Hari,

First try to get knowledge and do an install/hands-on with any IDS/IPS like Snort (for network level) or ModSecurity (for application level), read source online, and if you need books then contact me.

-Nishant