Language Selection

English French German Italian Portuguese Spanish

Using the 'snort' Intrusion Detection System

Filed under
HowTos

Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.

Fortunately, there is a good set of snort packages for Debian which takes a lot of the tedious work out of building a useful Network Intrusion Detection System. Before we start on installation, we should review a few details about the networking satack that you're going to need to make sense of the alerts snort will generate. Impatient readers and those who are familiar with the TCP/IP suite of protocols may do now skip to the bit that says Stand alone snort.

Full Article.

More in Tux Machines

Voyager 9 Linux Distro Enters Development, Now Based on Debian 9 "Stretch"

The developers of the Voyager Linux OS announced the availability of the first Beta build of the upcoming Voyager 9 release, which will be based on the soon-to-be-announced Debian GNU/Linux 9 "Stretch" operating system. Read more

Black Lab Linux Gets First Weekly ISOs, Adds Linux Kernel 4.8 from Ubuntu 16.10

Earlier this week, we told you that Black Lab Software, the developers of the Ubuntu-based Black Lab Linux distribution, published the roadmap of the next Black Lab Linux releases. Read more

Games for GNU/Linux

Linux 4.9.13

I'm announcing the release of the 4.9.13 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-st... Read more Also: Linux 4.4.52 Linux 4.10.1