Linux Today: Linux News On Internet Time.





More on LinuxToday


Federal Computing Week: Spotting mischief

Sep 30, 2001, 23:52 (2 Talkback[s])
(Other stories by Maggie Biggs)

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

"Some technology managers assume that if they implement intrusion detection, their security woes will be solved. Nothing could be further from the truth. However, when intrusion-detection solutions are deployed along with the other six security layers experts recommend, they form a security system that will leave agencies well prepared to combat attacks on or misuse of computing resources.

...Unix- or Linux-based agencies might also examine another network-based intrusion-detection solution maintained by Naval Surface Warfare Center, Dahl.gren Division (www.nswc.navy.mil/ISSEC/CID). Known as SHADOW, this intrusion-detection solution monitors your network in near-real time. Like Snort, SHADOW relies on software-based sensors on your network and uses the Apache Web server to display its management interface.

We found that SHADOW took a bit longer to set up than Snort, mainly because the instructions were not as detailed. We were able to install both the sensor and the analyzing software after a time, and we liked the results. But we'd recommend this solution only for those with experienced Unix or Linux administrators on hand."

Complete Story

Related Stories: