DShield - a community approach to intrusion detection
Analyzing firewall logs is key to understanding the threats your servers face. Knowing what the bad guys are looking for is the first step in assessing how vulnerable your servers are. Both open source and commercial firewalls make log information available to firewall administrator. But taking risk assessment a step further, what if there were a way to apply the principles that make open source software successful to firewall log analysis? A way to help yourself and others at the same time? The DShield project seeks to do just that.
By Paul Virijevich at Linux.com
[ Read more ]