Security administrators can use a range of applications to analyze and stop attacks. Let's look at these here:
- HIDS/HIPS: Both run on the host computer itself; the HIDS detects attacks and the HIPS protects the computer against them. Both have filters that can be set to select a particular alert type. Look at the following diagram, where we are setting a filter for insecure SSH connection attempts:
Figure 16: HIDS output
- Antivirus/advanced malware tools: There are quite a few antivirus/anti-malware tools that will scan the computer on a regular ...
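
The alert-type filter described in the HIDS/HIPS item above, as an added Python example that is not from the original text or from any HIDS product. The log lines are constructed, and the alert type names and the choice of which sshd messages count as an insecure SSH connection attempt are assumptions.

```python
import re
from collections import Counter

# Constructed sshd/syslog lines (documentation IP ranges), not the page's figure.
SAMPLE_LOG = """\
Mar  3 10:15:01 host1 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar  3 10:15:04 host1 sshd[2211]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  3 10:15:09 host1 sshd[2215]: Accepted publickey for alice from 198.51.100.20 port 41022 ssh2
Mar  3 10:16:30 host1 sshd[2230]: Unable to negotiate with 203.0.113.7 port 50190: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
Mar  3 10:17:02 host1 sshd[2241]: Did not receive identification string from 192.0.2.55 port 33810
Mar  3 10:17:40 host1 CRON[2250]: pam_unix(cron:session): session opened for user root
"""

# Hypothetical alert types; each maps one sshd message pattern to a type.
RULES = [
    ("ssh_auth_failure", re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")),
    ("ssh_weak_crypto", re.compile(r"Unable to negotiate with (?P<src>\S+) port \d+: no matching")),
    ("ssh_no_banner", re.compile(r"Did not receive identification string from (?P<src>\S+)")),
]
SSHD = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]+) (?P<host>\S+) sshd\[\d+\]: (?P<msg>.*)$")

def parse_alerts(log_text):
    """Turn raw log text into alert records; non-sshd and benign lines yield nothing."""
    alerts = []
    for line in log_text.splitlines():
        m = SSHD.match(line)
        if not m:  # not an sshd event (for example the CRON line)
            continue
        for alert_type, rx in RULES:
            hit = rx.search(m["msg"])
            if hit:
                alerts.append({"time": m["ts"], "host": m["host"], "type": alert_type,
                               "src": hit["src"], "user": hit.groupdict().get("user")})
                break
    return alerts

def filter_alerts(alerts, alert_types):
    """The filter step: keep only the alert types the administrator selected."""
    return [a for a in alerts if a["type"] in set(alert_types)]

def sources_over_threshold(alerts, threshold):
    """Source addresses that raised at least `threshold` alerts."""
    counts = Counter(a["src"] for a in alerts)
    return {src: n for src, n in counts.items() if n >= threshold}

if __name__ == "__main__":
    selected = filter_alerts(parse_alerts(SAMPLE_LOG), ["ssh_auth_failure", "ssh_weak_crypto"])
    for a in selected:
        print(a["time"], a["type"], a["src"], a["user"] or "-")
    print(sources_over_threshold(selected, 3))
```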