Linux Journal

Stealthful Sniffing, Intrusion Detection and Logging

In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...
Small Business Computing

Use Snort for Lightweight Intrusion Detection

Designed to fill the gap left by expensive, heavy-duty network intrusion detection systems, Snort is a free, cross-platform packet sniffer, logger, and intrusion detector for monitoring smaller TCP/IP ...
Ars Technica

Snort Problems

I let my intern upgrade the rules to the snort box and now it's hosed when I start it I get this<BR><BR><pre class="ip-ubbcode-code-pre"> ERROR: /etc/snort/snort.conf ...
CSOonline

Tuning Snort with Host Attribute Tables

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute tables. The question I receive most ...