ZDNet Australia: Australian innovators attempt to 'SNARE' Linux users

Nov 07, 2001, 04:24 (4 Talkback[s])
(Other stories by Nicole Bellamy)

[ Thanks to Tomas Marek for this link. ]

"InterSect Alliance has developed the first integrated security auditing and event logging subsystem for the open source Linux operating system, beating much larger organisations to the punch. Its new tool, SNARE (System iNtrusion Analysis and Reporting Environment) has been developed with a goal of reducing the cost of entry into system auditing and host-based intrusion detection for system managers, simplifying the process of configuration, reducing resource requirements and providing meaningful reporting to end-users.

According to Leigh Purdie, director and principal security consultant, this is the first release of code for a host-based intrusion detection system, although there have been inroads made into the development of source code to address network-based intrusion detection.

The two systems differ in that while a network-based intrusion detection tool enables the user to determine when an intrusion is being attempted, the host-based system allows the user to identify when an intrusion has been successful."

Complete Story

Related Stories:

• LinuxWorld.com: How to tell if your Linux box has been cracked (Oct 16, 2001)
• Federal Computing Week: Spotting mischief (Oct 01, 2001)
• MachineOfTheMonth: Hacking the hacker(Aug 12, 2001)
• HelpNet Security: Installing and running Tripwire(Aug 06, 2001)
• O'Reilly Network: Tools of the Trade (tcpdump, tripwire)(Jul 15, 2001)
• O'Reilly Network: Tools of the Trade: Part 1(Jun 28, 2001)
• Linux.com: Introduction to Port Scanning(Jun 08, 2001)