On Wed, May 20, 2009 at 11:25 PM, ubernewbie <[email protected]> wrote: > > I work for a small company with a hub/spoke network. I've been tasked with > setting up an IDS(Snort) to begin monitoring security related events and > basically build out a security program/infrastructure. Do any of you have > any good sites/forums that go into the process of intrusion detection. <snip>
Well... I would first of all ask onsite help from someone who is more experienced than this. For a general "what is snort" article, see http://en.wikipedia.org/wiki/Snort_(software) For documentation on specific setups etc see http://www.snort.org/docs/ But, this is not just a point-and-click product, you need to understand exactly what you're trying to achieve, what the threats are and what your response will be when you get an alert... Cheers -A
