Intrusion detection systems
This month, I'll begin the foray into Intrusion Detection Systems (IDS). There are several decent IDS projects that run on Linux, one of the most popular being Snort. Snort is a flexible tool that can be used for packet sniffing, packet logging, or network intrusion detection.
The reason that I specify "network intrusion detection" is that there are also IDS tools that focus on filesystem detection, host-based intrusion detection, and so forth. Next month, I'll move into host-based and filesystem detection.
By Joe "Zonker" Brockmeier at UNIX Review.