Linux Journal

Stealthful Sniffing, Intrusion Detection and Logging

In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...
CSOonline

Tuning Snort with Host Attribute Tables

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute tables. The question I receive most ...
Ars Technica

Snort Problems

I let my intern upgrade the rules to the snort box and now it's hosed when I start it I get this<BR><BR><pre class="ip-ubbcode-code-pre"> ERROR: /etc/snort/snort.conf ...
Digit

Unwanted Guest Alert!

You probably have an antivirus, and maybe a firewall to stop attacks to your box. However, have you ever considered using an Intrusion Detection System (IDS), especially if your box is part of a ...