LinuxSecurity.com: Intrusion Detection Primer
Mar 13, 2000, 07:08
(Other stories by Benjamin D. Thomas)
"Benjamin Thomas, an active LinuxSecurity.com contributor, puts together an Intrusion Detection Primer. It is a collection of six research summaries that outline the basics of Intrusion Detection."
"Internet security and privacy is an issue that is beginning to get the attention of almost all who use computers. Last month the news media was inundated with reports of Internet vandals unleashing DDoS (Distributed Denial of Service) attacks on major websites. Almost all attacks on computer networks can be prevented if system administrators take the appropriate steps to secure and monitor their networks. The process of preventing and detecting security breaches by monitoring user and application activity is known as intrusion detection. In this paper I illustrate what makes systems vulnerable, how they are attacked, how to react when a system is compromised, and give a brief introduction of LIDS (Linux Intrusion Detection System). Intrusion detection is a proactive process that requires constant attention of system administrators. In order to remain secure, network systems must continually be probed for new security weaknesses. Security is a process of staying informed."