Wed 26 Mar 2008
Four Good Choices for Your Next IDS
Posted by RossB under Distributions, Networking, Security, Tools/Utils
No Comments
From the article:
If you have only a single computer, then it’s possible for you to spend your days giving it careful manual scrutiny for mischiefs and problems. Perhaps not entirely desirable, but possible. But in the real world we need good tools to monitor and warn us of mischiefs, so we can actually go outside and have a life every so often. Intrusion detection is one of those gnarly jobs that can make you paranoid and nervous — it seems the more you study it, the more difficult, scary, and unreliable it appears. But it’s really not that bad, and Linux admins have a number of powerful tools to choose from. The best tactic is a layered approach that combines the oldies but goodies, like Snort and iptables, add some newfangled tools like psad and AppArmor or SELinux, throw in some nice analysis tools, and you’re darn near state-of-the-art.
Last 3 posts by RossB
- VMWare on the prowl. - August 31st, 2010
- Ubuntu Linux: I Like It, It Doesn't Like Me - August 19th, 2010
- HP: The Linux distributor? - June 17th, 2010
No Responses to “ Four Good Choices for Your Next IDS ”
Comments:
Leave a Reply
You must be logged in to post a comment.
