Differences
This shows you the differences between two versions of the page.
security_wiki:main [2016/06/25 23:23] billdozor |
security_wiki:main [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 2: | Line 2: | ||
{{ : | {{ : | ||
- | ====== Firewalls | + | ===== Firewalls ===== |
* [[ Cisco ASA Packet Capture ]] | * [[ Cisco ASA Packet Capture ]] | ||
* [[ Ports Used by LWAPP/ | * [[ Ports Used by LWAPP/ | ||
Line 8: | Line 8: | ||
---- | ---- | ||
- | ====== IDS/IPS ====== | + | ===== IDS/IPS ===== |
- | * Qradar | + | * Cisco SourceFire |
- | * ArcSite | + | |
* Snort IDS | * Snort IDS | ||
* CheckPoint | * CheckPoint | ||
* BroNSM | * BroNSM | ||
+ | * TrendMicro Tipping Point | ||
---- | ---- | ||
- | ====== The Rules of Network Security | + | ===== The Rules of Network Security ===== |
- | | + | |
* Never admit | * Never admit | ||
* Deny everything | * Deny everything | ||
Line 24: | Line 24: | ||
* Make counter-allegations | * Make counter-allegations | ||
* Act belligerent and throw stuff | * Act belligerent and throw stuff | ||
- | | + | |
- | | + | |
- | * **Alternate: | + | |
- | | + | |
- | | + | |
- | | + | |
* Is it in the wiki? | * Is it in the wiki? | ||
* Paper trail or it didn't happen, CC everyone or you didn't do it. | * Paper trail or it didn't happen, CC everyone or you didn't do it. | ||
* If it isn't in an email, or ticket, it never happened. | * If it isn't in an email, or ticket, it never happened. | ||
- | | + | |
---- | ---- | ||
- | ====== Carbon Black ====== | + | ===== Carbon Black ===== |
- Trust me, the community isn't the best, but it's better than nothing. | - Trust me, the community isn't the best, but it's better than nothing. | ||
* https:// | * https:// | ||
Line 44: | Line 44: | ||
---- | ---- | ||
- | ====== Kippo HoneyPot | + | ===== Kippo HoneyPot ===== |
- {{ security_wiki: | - {{ security_wiki: | ||
- http:// | - http:// | ||
Line 51: | Line 51: | ||
---- | ---- | ||
+ | ==== SIEMs ==== | ||
+ | * [[ HPE ArcSight ]] | ||
+ | * [[ LogRhythm ]] | ||
+ | * IBM QRadar | ||
+ | * McAfee Nitro | ||
+ | |||
+ | ---- |
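Review bot: the added heading "==== SIEMs ====" uses four equals signs, while every other heading in the new revision uses five ("===== Firewalls =====", "===== IDS/IPS =====", "===== Kippo HoneyPot ====="). In DokuWiki fewer equals signs mean a lower heading level, so SIEMs will render as a subsection of Kippo HoneyPot instead of as its own section. Suggest "===== SIEMs =====" to match its siblings. Minor style point in the same hunk: "HPE ArcSight" and "LogRhythm" are [[ ]] page links but "IBM QRadar" and "McAfee Nitro" are plain text; either link all four or note that the pages for the last two do not exist yet.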