Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Link to Us
Linux Jobs

More on LinuxToday

When Snort is Not Enough

Jun 03, 2008, 06:00 (1 Talkback[s])
(Other stories by Richard Bejtlich)

"As an independent security consultant I offered a course to customers called Network Security Operations, which covered network-centric intrusion detection, response and forensics. Students often asked, 'Is this the Snort course?' And I answered, 'Not exactly, but you're probably in the right place.'

"I've been inspecting and acting upon network traffic for 10 years. When I tell people that I use network traffic as one means to detect and respond to intrusions, many respond by saying, 'So you use Ethereal, right?' I find myself responding in a similar manner to the Snort question: 'Not exactly, but sometimes...'"

Complete Story

Related Stories: