I have setup snort inside a Cent box. It seems to run fine, outputs to base fine, but all of my alerts are of the unclassified type. See attached picture.

The only possibility that I know of / found is that I am running snort 2.9.0.2 with 2.9.0.1 rules. But I'm not sure about that. This is my first snort install.

I have even hit it with Nmap and nothing else shows up.

http://www.flickr.com/photos/lubinski/5272407480/

Thanks for the links, always looking for new rss feeds to pipe into my netvibes page.

Is there anyway to get this manual without becoming a silver or gold member?

I am now writing down these thoughts I have been throwing around in my head for the past week or so. Here it goes.

Have we forgotten about the non technical side of security? Things like policies, procedures, and evolutionary methodologies. I take into account methodologies more than the rest in the following. Should we not know more of the different ways to think of and around troubles than the technical controls we put in place? Take into account the hiring of a new employee. We so heavily weigh their resumes that just getting in the door can sometimes be like an impossible feat. (This is where I think the key lies). Do we not at all take into account talent rather than skill?

If someone has a solid thinking pattern through common security methods or frameworks than don't you think he is more capable than the other with a significant amount of security controls under his belt?

I mean in the end its all technical controls we are talking about here. These can be learned by the individual with enough TALENT.

Far too often we prioritize over the wrong set of specifications. This can also be extrapolated to which ever topic you like. After all I am beginning to believe that security is 80% business and only 20% technical.

What say you?

So here is something you do not see everyday. I have been tasked with an assignment of highlighting the three top areas of risk for deploying a web application running an open source version of Linux. Here is the assignment I have written.

This assignment will already of been turned in when I post this so this is definitely not a ploy to get the EH community to contribute to my overall grading.

Any comments, objections, recommendations would really be appreciated. Thanks a lot.

http://cid-ead9353c957f5d0a.skydrive.live.com/redir.aspx?resid=EAD9353C957F5D0A!263&authkey=noN9CubFdMI%24

Excellent. I feel like i stumbled upon a golden trove of usefulness here..

I will take another look at the dojo. Thanks for tip. Can someone describe the experience they have had with hackingdojo.com? I got some information off of their site but if you can fill in the spaces that would be wonderful.

Thanks for the replies, I am currently looking at the various other options posted here.

I did not mean to portray elearnsecurity as a bad option, just that the PWB course looks better after looking at both. Price is sort of a major factor here so we will see what the budget boils down to.

I will keep you posted and thanks for all the info.

After looking through a few certifications I have come to the end result that I will purchase the PWB courseware from the Offsec guys.

My main goal is to gain knowledge to support the Bachelors in Information Security I have. This looks like a great place to start.

I'm not a huge Linux person atm but I have been working more and more with Backtrack lately.

Is this course appropriate or should I start lower on the ladder?

I see a course from elearnsecurity but It does not look as good or come as highly recommended.

I wrote the post for the primary purpose of being a "firestarter". The views expressed don't necessarily express my own and I agree with a lot of your comments, thanks for the replies.

Either way (a) government(s) has a heavy hand in all of this. Sometimes they over reach some times they are too conservative. Interesting topic though.

Brings to the forefront Cyber Warfare and its role in the future.

Now heres my own opinion. I think that a division of the government should be allowed to attack with bits with no remorse. The black side of the field doesn't show any remorse why should we?

I bring this possibly hypothetical situation to the table.

As everyone knows Wikileaks has been forced to run and hide with the latest "cables" that were released. ( I will not debate the legality of Wikileaks, this is not about that). Wikileaks has been put under numerous attacks and been pulled from numerous services. Examples will be Paypal and EveryDNS. They have faced extreme pressure from numerous governments now and have Assange has been put on Interpol's wanted list.

To me Wikileaks has raised a very important issue here. With the pressure from numerous governments and companies and possibly those same governments or companies inflicting the DDOS attacks.

WHO is on Wikileaks side? 

Shouldn't we as a security community stand up for whoever chooses to use the internet as a communication medium? 

It seems to be really one sided here. There is the chance that I am just not privy to the information flowing back the other way due to our corrupted news organizations.

What do you think?