In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...

Designed to fill the gap left by expensive, heavy-duty network intrusion detection systems, Snort is a free, cross-platform packet sniffer, logger, and intrusion detector for monitoring smaller TCP/IP ...

i'm setting up a dedicated snort box. i followed Patrick Harper's excellent documentation.<BR><BR>however, he doesn't go into how to set a dedicated IDS, with multiple interfaces.<BR><BR>while i haven ...

You probably have an antivirus, and maybe a firewall to stop attacks to your box. However, have you ever considered using an Intrusion Detection System (IDS), especially if your box is part of a ...

I let my intern upgrade the rules to the snort box and now it's hosed when I start it I get this<BR><BR><pre class="ip-ubbcode-code-pre"> ERROR: /etc/snort/snort.conf ...

Need a simple-to-use yet highly flexible intrusion detection package? If so, look no further than Snort. This Linux utility might be just what you need for network traffic monitoring, and Jim McIntyre ...

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute tables. The question I receive most ...