Detecting Attacks

Otto Monnig omonnig at gmail.com
Sat Jun 11 22:01:35 UTC 2016


Security Onion is a FOSS Linux distribution with several great security tools integrated into an installer.  
https://security-onion-solutions.github.io/security-onion/ <https://security-onion-solutions.github.io/security-onion/>

Snort & Suricata are signature based detection tools.  Bro is a domain specific language for packet analysis and processing.

https://isc.sans.edu/forums/diary/Why+I+think+you+should+try+Bro/15259/ <https://isc.sans.edu/forums/diary/Why+I+think+you+should+try+Bro/15259/>

--
Otto Monnig



> On Jun 11, 2016, at 12:22 AM, subashini hariharan <suba.h17 at gmail.com> wrote:
> 
> Hello,
> 
> I am Subashini, a graduate student. I am interested in doing my project in
> Network Security. I have a doubt related to it.
> 
> The aim is to detect DoS/DDoS attacks using the application. I am going to
> use ELK (ElasticSearch, Logstash, Kibanna) for processing the logs (Log
> Analytics).
> 
> My doubt is regarding how do we generate logs for detecting this attack? As
> I am new to this process, I am not sure about it.
> 
> Also, if it is possible to do any other attacks similar to this, you can
> please give a hint about it.
> 
> Could anyone please help with this, it would be a great help!!
> 
> 
> -- 
> Thank You.
> 
> With Regards,
> H.Subashini




More information about the NANOG mailing list