Differences
This shows you the differences between two versions of the page.
security_wiki:main [2015/12/30 17:41] mikeofmany [The Rules of Network Security] |
security_wiki:main [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Security ====== | ====== Security ====== | ||
{{ : | {{ : | ||
- | ==== Firewalls ==== | + | |
+ | ===== Firewalls | ||
* [[ Cisco ASA Packet Capture ]] | * [[ Cisco ASA Packet Capture ]] | ||
* [[ Ports Used by LWAPP/ | * [[ Ports Used by LWAPP/ | ||
- | ==== IDS/IPS ==== | + | ---- |
- | * Qradar | + | |
- | * ArcSite | + | ===== IDS/ |
+ | * Cisco SourceFire | ||
* Snort IDS | * Snort IDS | ||
* CheckPoint | * CheckPoint | ||
* BroNSM | * BroNSM | ||
- | ==== The Rules of Network Security ==== | + | * TrendMicro Tipping Point |
- | | + | |
+ | ---- | ||
+ | |||
+ | ===== The Rules of Network Security | ||
+ | | ||
* Never admit | * Never admit | ||
* Deny everything | * Deny everything | ||
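Review bot: The unchanged "BroNSM" entry in the IDS/IPS list uses a name the project dropped when Bro was renamed Zeek in 2018, so a 2019 revision should list it as "Zeek (formerly Bro)" to keep it findable. Removing "Qradar" and "ArcSite" from this list is the right call, since both are SIEM products rather than IDS/IPS, and both reappear under the SIEMs heading later in the diff with the ArcSight spelling corrected.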
Line 18: | Line 24: | ||
* Make counter-allegations | * Make counter-allegations | ||
* Act belligerent and throw stuff | * Act belligerent and throw stuff | ||
- | | + | |
- | | + | |
- | * **Alternate: | + | |
- | | + | |
- | | + | |
- | | + | |
* Is it in the wiki? | * Is it in the wiki? | ||
* Paper trail or it didn't happen, CC everyone or you didn't do it. | * Paper trail or it didn't happen, CC everyone or you didn't do it. | ||
* If it isn't in an email, or ticket, it never happened. | * If it isn't in an email, or ticket, it never happened. | ||
- | | + | |
- | ===Carbon Black=== | + | ---- |
+ | |||
+ | ===== Carbon Black ===== | ||
- Trust me, the community isn't the best, but it's better than nothing. | - Trust me, the community isn't the best, but it's better than nothing. | ||
* https:// | * https:// | ||
- [[ Quick Guide to Carbon Black ]] | - [[ Quick Guide to Carbon Black ]] | ||
- | ===Kippo HoneyPot=== | + | ---- |
+ | |||
+ | ===== Kippo HoneyPot | ||
- {{ security_wiki: | - {{ security_wiki: | ||
- http:// | - http:// | ||
- http:// | - http:// | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ==== SIEMs ==== | ||
+ | * [[ HPE ArcSight ]] | ||
+ | * [[ LogRhythm ]] | ||
+ | * IBM QRadar | ||
+ | * McAfee Nitro | ||
+ | |||
+ | ---- |
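Review bot: The new "==== SIEMs ====" heading is one level lower than the other sections, which this revision raises to five equals signs ("===== Carbon Black =====", "===== Kippo HoneyPot"), so SIEMs will render as a subsection of Kippo HoneyPot in the table of contents. Use "===== SIEMs =====" to match. In the same list, "IBM QRadar" and "McAfee Nitro" are plain text while "HPE ArcSight" and "LogRhythm" are wiki links; either link all four or note that the two pages do not exist yet.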