
Intrusion detection systems: Using tripwire on Linux

[ Thanks to LinuxCareer.com for this link. ]

“Intrusion Detection Systems, which will be henceforth referred
to as IDS, are software applications that monitor a network for any
suspicious activity, the keyword here being “monitor”. The
difference between an IDS and a firewall is that while the former
usually just reports any unusual activity, a firewall is an
application created to stop said activity. So it’s basically a case
of passive vs active. Like we said above, while you can use an IDS
in a SOHO network, its true value is shown in larger networks with
lots of subnets and valuable data. There are also IDPSs, where
the extra ‘P’ stands for prevention, which means that an IDPS will
also try to reconfigure the firewall to reflect a new threatening
situation, for example, so in this case passive meets active. We
will let you dig deeper in the abundant documentation on the
subject, since security in general isn’t the object of our article,
and we will try to focus on the types of IDS, so we can get to our
subject, which is tripwire.”

Complete Story
