Search results for Using the 'snort' Intrusion Detection System

Debian Using the 'snort' Intrusion Detection System
Post date: December 27, 2005, 10:12 Category: Security Views: 71
Tutorial quote: Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.

Fortunately, there is a good set of snort packages for Debian which takes a lot of the tedious work out of building a useful Network Intrusion Detection System. Before we start on installation, we should review a few details about the networking stack that you're going to need to make sense of the alerts snort will generate. Impatient readers and those who are familiar with the TCP/IP suite of protocols may now skip to the bit that says Stand alone snort.
Unix+clones Using Afick To Aid In Intrusion Detection
Post date: April 12, 2005, 21:04 Category: Security Views: 33
Tutorial quote: Afick is a fast and portable utility which acts as an aid in intrusion detection as well as helping to monitor the general integrity of your system. Afick was written by Eric Gerbier and is distributed under the GNU General Public License. It is available for a number of platforms in both binary and source formats.
Fedora+Core Tripwire on your Fedora Box
Post date: April 15, 2005, 20:04 Category: Security Views: 225
Tutorial quote: Tripwire is an Intrusion Detection System. This can be used to alert users whenever their system is compromised. Tripwire detects and reports changes in system files. It will alert you through email whenever a change is detected. If the change is due to normal system activity, you can instruct Tripwire not to report the change to that file in future. If the change is not due to normal system activity, then it is a clear indication that something is wrong and you need to act immediately and fix the issue. Thus tripwire comes in very handy to maintain the integrity of the system.

There is a lot of information on the web about Tripwire. Some people might argue that AIDE (Advanced Intrusion Detection Environment) is better than tripwire and so on. This comparison is beyond the scope of this article. This is an introductory article for novice users who are interested in installing Tripwire on their Fedora Box. Advanced users can refer to the web for relevant information or they can contact appropriate mailing lists like fedora users mailing list.
Linux Automating Builds on Linux
Post date: April 12, 2005, 20:04 Category: Miscellaneous Views: 41
Tutorial quote: An automated nightly build is a process for building an application every night using an infrastructure that automatically executes the required steps at the scheduled time, without any human intervention. A well-planned build process not only builds your application, but also provides you and your team with early detection of incompatible changes in the application components and early detection of errors introduced by newly integrated code. When configured and used properly, automated builds are a critical component for ensuring that the application satisfies quality requirements and continues to run as expected.
FreeBSD Build your own gateway firewall
Post date: April 11, 2006, 17:04 Category: Miscellaneous Views: 24
Tutorial quote: Learn how to build your own gateway firewall using FreeBSD and old PC parts. The firewall will consist of the PF firewall, Snort IDS, various IPS applications, Squid proxy, and some intuitive web interfaces for auditing. The cost of this project should be between free and $200 depending on your resourcefulness. I built mine for free using spare parts that were stockpiled in personal storage and parts that the USMC was throwing away, but you can build one from used and/or new parts for dirt cheap.
Debian Monitoring Services using Mon
Post date: April 4, 2006, 16:04 Category: Installing Views: 16
Tutorial quote: mon is a general-purpose scheduler and alert management tool used for monitoring service availability and triggering alerts upon failure detection. mon was designed to be open and extensible in the sense that it supports arbitrary monitoring facilities and alert methods via a common interface, all of which are easily implemented with programs in C, Perl, shell, etc., SNMP traps, and special mon traps.
Solaris How to Perform System Boot and Shutdown Procedures for Solaris 10
Post date: February 6, 2006, 02:02 Category: System Views: 43
Tutorial quote: System startup requires an understanding of the hardware and the operating system functions that are required to bring the system to a running state. This chapter discusses the operations that the system must perform from the time you power on the system until you receive a system logon prompt. In addition, it covers the steps required to properly shut down a system. After reading this chapter, you’ll understand how to boot the system from the OpenBoot programmable read-only memory (PROM) and what operations must take place to start up the kernel and Unix system processes.
FreeBSD Building a FreeBSD Build System
Post date: April 14, 2006, 20:04 Category: System Views: 24
Tutorial quote: When you finish this article, you will have an unbeatable update system. Even mergemaster will work faster. You will have an update system in which a machine update/upgrade will take less than 10 minutes.
Linux Linux System Calls
Post date: April 12, 2005, 13:04 Category: Miscellaneous Views: 39
Tutorial quote: Tutorial about Linux system call implementation and adding a new system call in Linux.
Linux Performance Tools for Optimizing Linux: Process-Specific CPU
Post date: June 1, 2005, 03:06 Category: Optimizing Views: 140
Tutorial quote: The tools to analyze the performance of applications are varied and have existed in one form or another since the early days of UNIX. It is critical to understand how an application is interacting with the operating system, CPU, and memory system to understand its performance. This chapter will help you understand where the bottleneck in your system is occurring, and how to fix it.