---

LinuxSecurity.com: Network Intrusion Detection Using Snort

[ Thanks to Benjamin
D. Thomas
for this link. ]

“Snort is a software-based real-time network intrusion detection
system developed by Martin Roesh that can be used to notify an
administrator of a potential intrusion attempt. The ever-increasing
amount of Internet crackers, armed with “ready-to-run” exploits, as
well as the sophisticated attacker that’s intent on defacing your
web page necessitates the use of a method to track their activity
and alert you to this.”

This document takes you through the basics of intrusion
detection, the steps necessary to configure a host to run the snort
network intrusion detection system, testing its operation, and
alerting you to possible intrusion events.

“Until now, intrusion detection devices were either
dedicated-use commercial products, or not real-time and difficult
to install. Snort is the solution for monitoring small TCP/IP
networks where it is not cost-effective to deploy commercial
products. Snort is an easy-to-use, “lightweight”, and very
functional alternative.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis