tailieunhanh - Open Source Security Tools : Practical Guide to Security Applications part 29

Open Source Security Tools : Practical Guide to Security Applications part 29. Few frontline system administrators can afford to spend all day worrying about security. But in this age of widespread virus infections, worms, and digital attacks, no one can afford to neglect network defenses. Written with the harried IT manager in mind, Open Source Security Tools is a practical, hands-on introduction to open source security tools. | Page 259 Thursday June 24 2004 9 54 PM Using Databases and Web Servers to Manage Your Security Data 259 So you now know how to build a complete Snort intrusion detection network with multiple sensors logging into a database tool that can be used to analyze the data and do reporting. This will help you better use the intrusion detection data make the most of your security efforts and have some tangible reports and graphs to show management. Now we will look at some tools that can help with your vulnerability scan data. Flamey the Tech Tip Use Names Carefully Be careful when talking to your boss about using Snort and ACID at work. Make sure he or she understands that these are valuable man agement programs not illegal controlled substances NPI Nessus PHP Interface NPI Author primary contact Kristofer T. Karas Web site http pub nessus-php Platforms Most UNIX License GPL Version reviewed .01a One problem when using the vulnerability scanner Nessus to scan medium- to large-size networks is that the reports can be quite intimidating. The Nessus reporting formats themselves are fine and the HTML is fairly easy to navigate but when you have a couple of hundred pages of data to sort through it can be hard to see the important data amongst all the noise. It would be nice to have something to organize the scan data any way you like. To really be able to analyze it you need to get your data into a database versus the standard flat file format. You also want to be able to access the data easily such as from a Web-based interface. With this capability you could quickly get to the most important data and analyze scan results over time to see if your network was getting more secure or less secure. Fortunately several products integrate Nessus with a database. A few of the Nessus-to-database programs are NesQuik Java Nessus Report Manager and Nessus PHP Interface NPI . I selected NPI for this book for a number of reasons. First it is a .

TỪ KHÓA LIÊN QUAN