Jan 24 2005
Thwarting Hackers, Part 3
Thwarting Hacker Techniques: Detecting intrusions while saving money
Part 3 of 5. The author is pointing users to some ideas about Intrusion Detection and Network monitoring. This is the point where you’re slipping from clueless user to talented neophyte to security professional. I’m not going to start asking my father to install Snort on his desktop to catch hackers, but I might suggest it as a fun side project for one of the local Unix administrators.
If you want to know a lot more about Snort, check out Snort 2.0 (I think a 2.2 version may be out) by Brian Caswell, published by Syngress Press. You might also want to get a copy of Ethereal Packet Sniffing by Angela Orebaugh, also from Syngress. For the real TCP/IP arcana, check out TCP/IP Illustrated by W. Richard Stevens from Addison Wesley. This is a reference book, not light reading. Unless you’re having a sleepless night that is.
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Free Intrusion Detection Software
Combining the use Snort, and the snort database viewer ACID makes for a very powerfull Intrusion Detection setup. Snort will record all TCP/IP and UDP traffic in real-time on your netork. Acid will let you view it in a nice layout via your web browser….