Questions tagged [intrusion-detection]
137 questions
0
votes
3 answers
NGINX logs in WAZUH
I am using NGINX in my setup, and Wazuh for IDS.
I want to check all NGINX (access/error) logs in Wazuh Kibana, but I am unable to do so.
All the logs are forwarded to "/var/ossec/logs/archives/archives.log", and they are not visible in…

Sulaiman
- 101
- 1
- 1
0
votes
1 answer
WAZUH All Commands monitor
How to monitor each and every command executed by a user, even at sudo level?
I have configured audit rules and they are appearing in the audit logs, but I want to view each command in a timely manner from the server in Kibana/Wazuh manager.

Sulaiman
- 101
- 1
- 1
0
votes
1 answer
Were the features' values in the KDD99 data set wrong?
In the KDD99 data set, for a huge number of connections the 32nd and 33rd features' values are greater than 100.
I can't understand why, using a connection window of 100 connections, a value greater than 100 can be obtained. I consulted a lot of…

tjhy01
- 1
- 1
0
votes
1 answer
How to get the VLAN ID in a Snort alert?
I am trying to parse Snort alerts and filter necessary information such as the VLAN ID that a malicious internal machine belongs to.
However, I can only get the message and the source and destination IPs; I need to get the VLAN ID too.
Thanks

Adel
- 11
- 3
0
votes
1 answer
Intrusion Detection System, Security+ question
I'm studying to take the Security+ exam.
I'm really having problems figuring out this chart. I understand most of it. Can someone explain the following?
Why are there 2 sensors in this picture which both point to analyzer?
Why is security…

Adam Outler
- 1,651
- 4
- 19
- 23
0
votes
0 answers
Intrusion detection system on AWS
Hi, I have a project I'm working on. I have some intrusion detection datasets stored in AWS (in S3) with .arff and .pcap file extensions. I tried to install Snort on EC2 following the internet tutorial http://sublimerobots.com/2014/12/installing-snort-part-1/,…

Mondher
- 11
- 2
0
votes
1 answer
Purpose of Snort's rules
So for example, why do I need scan.rules when there is something like the sfportscan preprocessor? Is it because the preprocessor cannot detect all the activities, and so there is a detection engine using rules with well-known signatures of network attacks…

uppermost
- 1
- 5
0
votes
1 answer
How to implement an Intrusion Detection System in NS2?
I want to write a TCL script to implement an Intrusion Detection System in NS2. I searched a lot, but I could not find proper help. I implemented basic routing protocols in NS2. I have a bit of knowledge of TCL. I want to know how to modify an AODV…

Buvaneswari Sekar
- 53
- 1
- 9
0
votes
0 answers
Airtel js files loading while connecting to most websites
I am not using Airtel internet. When I try to open a few websites, they show up as if they are blocked. If I inspect, there are 2 JavaScript files injected somehow. One is http://www.airtel.in/dot/js/jquery-1.11.1.min.js and the other is…

Karthik
- 61
- 2
- 2
- 7
0
votes
1 answer
Add Snort rules to my detection system
Could anyone give me some rules to test Snort (ARP, ICMP, TCP, UDP) and ensure that my system works properly against attacks like DoS or MITM?

Nahla K
- 1
- 2
0
votes
2 answers
Intrusion Detection System on the AWS platform
Is there a solution for an intrusion detection system on the AWS platform? Would you have to go 3rd party, or do they have their own offering?
Thanks!

Justin
- 2,224
- 2
- 22
- 28
0
votes
1 answer
How to read a text file from Snort?
I have a worm whose signature is in a .txt file. Now I want to check it with Snort IDS. I read the manual page of Snort, but I couldn't find anything. How can I do this? (Is there a command for detecting worm signatures using Snort, something like…

Richard
- 69
- 2
- 10
0
votes
2 answers
Snort Output - Traffic Type Recognition
Snort does a lot of work and outputs some useful statistics when it is done. Is there any way to find out the types of traffic and types of attacks that Snort has detected, other than the alerting system? How to recognize the type of traffic in the Snort…

Lakshmi Balan
- 198
- 12
0
votes
1 answer
How do I use a Snort instance to protect a web server?
This is an interesting networking one! Any help would be greatly appreciated! I suspect I am not close to resolving the issue.
I have a Snort IDS instance on AWS with an IP something like 10.10.10.10, and I have a website with an IP address,…

jeff_h
- 519
- 1
- 9
- 26
0
votes
2 answers
Attack signature creation using the KDD dataset
I need to create attack signatures for signature-based intrusion detection using the KDD data set. Is it possible to use Apriori (or any association rule learning algorithm) for this task? If not, please suggest an alternative method.

Anuradha
- 570
- 6
- 20