Introduction to Intrusion Detection With Snort
Click here to download now
Overview: Intrusion detection is the methodology by which undesirable or aberrant activity is detected on a host or a network. As soon as someone discovers new computer security vulnerability, hordes of crackers start knocking at the doors of computers worldwide to see if they can penetrate their defenses. Many sites employ a combination of border router firewalls and host-based packet filters and wrappers to protect themselves, but what if the vulnerability is in the very mechanism thats used to secure a service? After a brief discussion of IDS, this white paper focuses on pattern-matching network-based IDS, Snort.