Inside Prelude, an open source IDS
Today organizations, companies, countries, and ordinary individuals have a reflection, or even a point of presence, in another medium: the Internet. In some cases this point of presence is more important than many real-world assessments.
The Internet is built on TCP/IP, not the most secure of protocols. It is never easy to know who is trying to endanger your online presence or when. There's no single do-it-all piece of software. If you don't know what you're doing, a whole suite of firewalls, honeypots, and Intrusion Detection Systems (IDS) may not be enough.
The quest for security is hot, and it's recently focused on IDSes. An IDS is a virtual watchdog which watches the network and specific hosts for suspicious behavior. Then, it barks or bites. There are plenty of IDSes to choose from, both commercial and open source.
The open source community has another runner in the race. Prelude is a very promising and featureful IDS. It differs from other IDSes in being a hybrid system: Prelude operates as both a host IDS and a network IDS.
- Review: Intrusion Detection with SNORT: Advanced IDS Techniques Using SNORT, Apache, MySQL, PHP, and ACID (19 June 2003)
- Review: Network Intrusion Detection 3/e (24 January 2003)