An example of communication between security tools: iptables - snort
Source: ACM SIGOPS Operating Systems Review
Volume 39, Issue 3 (July 2005)
Pages: 34-43
Year of Publication: 2005
ISSN: 0163-5980
Authors
Publisher: ACM, New York, NY, USA
DOI: http://doi.acm.org/10.1145/1075395.1075398

ABSTRACT

Two of the most widely used tools in computer security are firewalls and Intrusion Detection Systems. Both fulfill the task for which they were designed, but unfortunately their response to an attack can be limited. Communication between the two tools increases the response capacity of the system, but a protocol is needed for them to communicate. In this paper we present how to make two security tools communicate: Snort and iptables. The communication is based on the Intrusion Detection Message Exchange Format (IDMEF) proposed by the Intrusion Detection Working Group (IDWG).



Collaborative Colleagues:
Jorge Herrerías Guerrero: colleagues
Roberto Gómez Cárdenas: colleagues