LinuxSecurity.com: Intrusion Detection Primer

[ Thanks to [email protected] for this
link. ]

“Benjamin Thomas, an active LinuxSecurity.com contributor,
puts together an Intrusion Detection Primer. It is a
collection of six research summaries that outline the basics of
Intrusion Detection.”

“Internet security and privacy is an issue that is beginning to
get the attention of almost all who use computers. Last month the
news media was inundated with reports of Internet vandals
unleashing DDoS (Distributed Denial of Service) attacks on major
websites. Almost all attacks on computer networks can be prevented
if system administrators take the appropriate steps to secure and
monitor their networks. The process of preventing and detecting
security breaches by monitoring user and application activity is
known as intrusion detection. In this paper I illustrate what makes
systems vulnerable, how they are attacked, how to react when a
system is compromised, and give a brief introduction of LIDS (Linux
Intrusion Detection System). Intrusion detection is a proactive
process that requires constant attention of system administrators.
In order to remain secure, network systems must continually be
probed for new security weaknesses. Security is a process of
staying informed.”
