14

Vulnerability Scanning and Intrusion Detection

There are lots of threats out there, and some of them might even penetrate your network. You’ll want to know when that happens, so you’ll want to have a good Network Intrusion Detection System (NIDS) or Network Intrusion Prevention System (NIPS) in place. In this chapter, we’ll look at Snort, which is probably the most famous one. Then, I’ll show you a way to cheat so that you can have a good NIDS/NIPS up and running in no time at all. I’ll also show you a quick and easy way to set up an edge firewall appliance, complete with a built-in NIPS.

We’ve already learned how to scan a machine for viruses and rootkits by installing scanning tools on the machines that we want to scan. However, there are ...
