In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...

Need a simple-to-use yet highly flexible intrusion detection package? If so, look no further than Snort. This Linux utility might be just what you need for network traffic monitoring, and Jim McIntyre ...

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute ...

i'm setting up a dedicated snort box. i followed Patrick Harper's excellent documentation.<BR><BR>however, he doesn't go into how to set a dedicated IDS, with multiple interfaces.<BR><BR>while i haven ...

I let my intern upgrade the rules to the snort box and now it's hosed when I start it I get this<BR><BR><pre class="ip-ubbcode-code-pre"> ERROR: /etc/snort/snort.conf ...

Designed to fill the gap left by expensive, heavy-duty network intrusion detection systems, Snort is a free, cross-platform packet sniffer, logger, and intrusion detector for monitoring smaller TCP/IP ...