Using the 'snort' Intrusion Detection System

Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.

Fortunately, there is a good set of snort packages for Debian which takes a lot of the tedious work out of building a useful Network Intrusion Detection System. Before we start on installation, we should review a few details about the networking stack that you're going to need to make sense of the alerts snort will generate. Impatient readers and those who are familiar with the TCP/IP suite of protocols may now skip to the bit that says Stand alone snort.

Full Article.
