NewsForge: Build an IDS with Snort, Shadow, and ACID
Apr 29, 2005, 05:30 (0 Talkback[s])
(Other stories by Mark Bain)
"Every organization understands the importance of using a
firewall to protect its assets. But what happens if someone finds a
hole in the wall? What if the infiltrator is actually someone from
within your organization who wants to access information that he
shouldn't? To cover those contingencies, you need an intrusion
detection system (IDS) to complement your firewall. Fortunately,
with a minimum amount of time and money you can set up an IDS with
open source tools such as Snort, Shadow, and ACID.
"An IDS comprises sensors to do the actual monitoring and a
central console to store and analyse the data collected on each
sensor. A sensor can be a basic PC with an extra network card (to
do the actual monitoring), whilst the central console should have a
bit more processing power and a larger disk..."