An endless number of methods or ways exists to access illegally a web server or a website. The task of defending a system (e.g. network, server, website, etc.) is complex and challenging. SNORT is one of the popular open source tools that can be used to detect and possibly prevent illegal access and attacks for networks and websites. However, this largely depends on the way SNORT rules are designed and implemented. In this paper, we investigated in details several examples of SNORT rules and how they can be tuned to improve websites protection. We demonstrated practical methods to design and implement those methods in such ways that can show to security personnel how effectively can SNORT rules be used. Continuous experiments are conducted to evaluate and optimized the proposed rules. Results showed their ability to prevent tested network attacks. Each network should try to find the best set of rules that can detect and prevent most network attacks while at the same time cause minimal impact on network performance.
International Journal of Security and its Applications
Dabbour, M.; Alsmadi, Izzat M.; and Alsukhni, E., "Efficient Assessment and Evaluation for Websites Vulnerabilities Using SNORT" (2013). Computer Science Faculty Publications. 10.