TechRepublic

Using Snort for intrusion detection

Need a simple-to-use yet highly flexible intrusion detection package? If so, look no further than Snort. This Linux utility might be just what you need for network traffic monitoring, and Jim McIntyre ...
Linux Journal

Stealthful Sniffing, Intrusion Detection and Logging

In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...
Linux Journal

Snort: Planning IDS for Your Enterprise

Snort is often referred to as a lightweight intrusion detection system. Snort is labeled lightweight because it is designed primarily for small network segments. Snort is very flexible due to its rule ...
InfoWorld

Network detectives sniff for snoops

Just a few short years ago, an IDS was a luxury. Before the rise of the Web application and the worm, most networks were adequately defended by a firewall at the perimeter and a virus scanner at the ...
Ars Technica

ssh connection to kick off a snort log

alright kids. i've been fighting with this for a while. basically i want to log any and all IP address who connect via ssh. all i really want in this log is a msg header, timestamp, remote IP address ...
ZDNet

Buffer overflow flaw socks Snort

The discovery and disclosure of a serious vulnerability in the Sendmail e-mail software by Atlanta based security giant Internet Security Systems (ISS) is starving another vulnerability of the ...