IDS – Page 13 – WindowsTechs.com

intrusion prevention system detected "et policy pe exe" should i worry

Posted on January 31, 2019 by M.Ford

I have a UniFi Security Gateway (USG Pro 4P) and just enabled IPS (intrusion prevention system). I am seeing many “ET POLICY PE EXE or DLL Windows file download HTTP” alerts. I have not been able to find any more information on that alert…. Continue reading intrusion prevention system detected "et policy pe exe" should i worry→

Windows process documentation for tuning Sysmon

Posted on January 16, 2019 by synthesis

I recently installed Sysmon, which logs events to OSSEC and currently monitors several endpoints. I have been trying to whitelist benign processes such as Windows services. Many of these processes run with commandline argumen… Continue reading Windows process documentation for tuning Sysmon→

Is there any methodology to detect smart deauthentication attack?

Posted on January 16, 2019 by Mani Chandra

I’m a project student in IIT-Hyderabad. I have been working in Wifi security domain for my M.Tech. In particular, I chose de-authentication attack.

Whenever I sent De-Auth frames continuously to APs for limited time I got d… Continue reading Is there any methodology to detect smart deauthentication attack?→

Is NTA Just Another Kind of IDS?

Posted on January 14, 2019 by Gary Golomb

Earlier last year, Anton Chuvakin of Gartner posted a question I’ve spent the past few years focused on. Actually, I’ve focused on it since working in the Network Security Wizards office on the Dragon IDS back in Y2K, back when it was called Y2K. In t… Continue reading Is NTA Just Another Kind of IDS?→

How to connect a Raspberry Pi IDS to the home router to detect intrusions network wide?

Posted on January 14, 2019 by Vidura supun

I’m configuring a raspberry pi IDS/IPS with ELK stack on a separate machine, my problem is to connecting it to the router in a way it can read traffic on the whole network and drop the suspicious packets.

The way I came up w… Continue reading How to connect a Raspberry Pi IDS to the home router to detect intrusions network wide?→

Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts on Cybersecurity in 2018

Posted on January 2, 2019 by ironcore

Every week we publish a blog post where we dive into a topic or study around network security. In 2018, we even produced…
The post Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts on Cybersecurity in 2018 appeared first o… Continue reading Open Source Security Tools and Threat Hunting: The 10 Most Read Bricata Posts on Cybersecurity in 2018→

Snort VS Bro vs Suricata [on hold]

Posted on November 24, 2018 by cdemet

I try to find what is best to install,use and for protection for a List of Webservers and databases.

What you prefer Snort, bro or suricata ?

Continue reading Snort VS Bro vs Suricata [on hold]→

sandboxing IoCs and signatures

Posted on November 22, 2018 by blablatrace

Sandboxes are used for automated extraction of indicators of compromise (IoCs) that can be used to write signatures. Can this signature then be used, for example, on an IPS system to block certain actions?

Continue reading sandboxing IoCs and signatures→

Need help regarding Cyber Security project on Intrusion Analysis and File Integrity Monitoring [on hold]

Posted on November 14, 2018 by Kartikeya Chauhan

I want help in making a project that is

Intrusion Analysis and File Integrity Monitoring

I don’t know where to begin or what to do as I am new in this cyber security field as I am a student.
At least someone give me so… Continue reading Need help regarding Cyber Security project on Intrusion Analysis and File Integrity Monitoring [on hold]→

Need help regarding Cyber Security project on Intrusion Analysis and File Integrity Monitoring [on hold]

Posted on November 14, 2018 by Kartikeya Chauhan

I want help in making a project that is

Intrusion Analysis and File Integrity Monitoring