The Monitoring Segment

Deploying a separate monitoring segment for an IDS is the generally accepted means of inserting an intrusion monitoring presence into network infrastructure. It is vital even for small deployments, such as Snort and all of its related applications installed on a single desktop computer. Taking the time and energy to install a separate monitoring segment enhances Snort's security and performance. A monitoring segment does not necessarily have to include expensive rewiring and additional network equipment. You can build an inexpensive and relatively secure segment with readily available equipment from your local computer shop.

The thorny part of installing a monitoring segment is the interface between it and the network to ...

Get Intrusion Detection with Snort now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.