Intrusion Detection Systems and Intrusion Prevention System with Snort provided by Security Onion.
Bezborodov, Sergey (2016)
Bezborodov, Sergey
Mikkelin ammattikorkeakoulu
2016
All rights reserved
The permanent address of the publication is
https://urn.fi/URN:NBN:fi:amk-201605117200
Abstract
In this thesis I wanted to get familiar with Snort IDS/IPS. I used the Security Onion distribution, which comes with a lot of security tools, but I concentrated on Snort. I also needed to evaluate the Security Onion environment and check what features it provides for processing with Snort. During the work I needed to figure out the pros and cons of using Security Onion with Snort as a security system for a network. I compared it with alternatives and briefly described it.
As a result, I installed Security Onion, worked with the environment, configured different features, created and modified rules, and so on.
I think this thesis will be helpful for people who want to use an IDS/IPS for their network. It should help them choose an IDS/IPS vendor, install Security Onion and Snort, make a comparison with another one, and just get familiar with network security tools. Also, this thesis can be part of a larger body of research on network security tools, because it is now impossible to find such detailed guides and literature about any IDS/IPS tools. It is a good idea to combine many research works about it and make a good library.
This thesis can be used for further development of Snort and Security Onion, as it is only in the development phase now; it will provide a base for new research with new versions.