Linux Journal

Stealthful Sniffing, Intrusion Detection and Logging

In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...
Ars Technica

fedora, snort and multiple promiscuous interfaces?

i'm setting up a dedicated snort box. i followed Patrick Harper's excellent documentation.<BR><BR>however, he doesn't go into how to set a dedicated IDS, with multiple interfaces.<BR><BR>while i haven ...
Digit

Unwanted Guest Alert!

You probably have an antivirus, and maybe a firewall to stop attacks to your box. However, have you ever considered using an Intrusion Detection System (IDS), especially if your box is part of a ...
CSOonline

Tuning Snort with Host Attribute Tables

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute tables. The question I receive most ...