Managing Security with Snort and IDS Tools

p0f (Passive OS Fingerprinting Tool) 

p2p.rules 

Packetfactory 

packets  [See also network packets]

    capture length 

    changing order of rules applied to 

    checksums, controlling 

    illegal header settings 

    logging, turning off 

    sniffing 

    viewing in ACID 

    with nonidentifiable yet suspicious content 

Packetstromsecurity 

Packetyzer 

paralyze attack phase 

pass rules 

passwords

    confusing MySQL root with Linux root 

    cracking utilities 

    locking accounts after bad guesses 

    one-time password generators 

patching Snort to enable support for SnortSAM 

Pcap tutorial 

peer-to-peer software, detecting activity generated by 

penetrate attack phase 

    application behavior boundary flaws 

    authentication grinding 

    buffer overflows 

    system configuration errors 

    user input validation problems 

perfmonitor preprocessor 

persist attack phase 

PHP

    application services, disabling rule set 

    applications, detecting attacks to 

    enabling modules 

    Hypertext Preprocessor 

    source code, configuring for integration with Apache2 

    testing Apache integration 

phplot 

ping of death attack 

pings specific to particular attack tools, detecting 

pix option (snortsam.conf) 

pkt_count: option (snort.conf) 

policy router  2nd 

policy.rules 

POP2 email service, detecting attacks to 

pop2.rules 

POP3 email service, detecting attacks to 

pop3.rules 

porn.rules 

port

    monitoring 

    scanners 

port option (snortsam.conf) 

ports option (http_inspect_server) 

ports option (stream4_reassemble preprocessor) 

portscans 

    software version-mapping and 

PostgrSQL logging 

preprocessor configuration 

    arpspoof 

    bo 

    flow 

    flow-portscan 

    frag2 

    http_inspect 

    perfmonitor 

    rpc_decode 

    stream4 

    stream4_reassemble 

    telnet_decode 

preprocessors 

    flow, configuring 

    flow-portscan, configuring 

    frag2, configuring 

    http_inspect, configuring 

    stream4_reassemble, configuring 

    tailoring 

printing packets to console 

prioritizing systems and networks to watch 

priority: rule option 

probe attack phase 

    mining the web 

    vulnerability scanners 

    web page scanners 

professionals 

profile option (http_inspect_server) 

promiscuous mode (network interfaces) 

promiscuous mode sniffing, turning off 

propogate attack phase 

Protocol field (rule headers) 

proxy (react response keyword) 

proxy_alert option (http_inspect preprocessor) 

PureSecure Console  2nd 

PureSecure Personal Console