Network Security Hacks, 2nd Edition

by Andrew Lockhart
October 2006
Content level: Intermediate to advanced
478 pages
12h 11m
English
O'Reilly Media, Inc.
Content preview from Network Security Hacks, 2nd Edition

Chapter 11. Network Intrusion Detection

Hacks 106–120

One type of tool that’s come to the forefront in network security in recent years is the network intrusion detection system (NIDS). These systems can be deployed on your network and monitor the traffic until they detect suspicious behavior, when they spring into action and notify you of what is going on. They are excellent tools to use in addition to your logs, since a network IDS can often spot an attack before it reaches the intended target or has a chance to end up in your logs.

Currently, there are two main types of NIDS. The first type detects intrusions by monitoring network traffic for specific byte patterns that are similar to known attacks. A NIDS that operates in this manner is known as a signature-based intrusion detection system. The other type of network IDS is a statistical monitor. These systems also monitor the traffic on the network, but instead of looking for a particular pattern or signature, they maintain a statistical history of the packets that pass through the network and report when they see a packet that falls outside of the normal network traffic pattern. NIDSs that employ this method are known as anomaly-based intrusion detection systems.
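The two detection approaches described above, side by side, as an added example (not code from the book, and not how Snort or SPADE is implemented). The signatures, the frequency-based anomaly score, its thresholds and the sample packets are all constructed for illustration.

```python
from collections import Counter

# Constructed signatures: (name, byte pattern). Not taken from any real rule set.
SIGNATURES = [
    ("passwd-file-request", b"/etc/passwd"),
    ("nop-run", b"\x90" * 8),
]

def signature_alerts(payload):
    """Signature-based: names of every known byte pattern found in the payload."""
    return [name for name, pattern in SIGNATURES if pattern in payload]

class AnomalyMonitor:
    """Anomaly-based: keeps a history of (dst_ip, dst_port) pairs and flags rare ones."""

    def __init__(self, threshold=0.01, min_history=100):
        self.seen = Counter()
        self.total = 0
        self.threshold = threshold      # flag pairs seen in under 1% of past packets
        self.min_history = min_history  # stay quiet until a baseline exists

    def observe(self, dst_ip, dst_port):
        """Score the packet against the history, then add it to the history."""
        key = (dst_ip, dst_port)
        anomalous = False
        if self.total >= self.min_history:
            anomalous = self.seen[key] / self.total < self.threshold
        self.seen[key] += 1
        self.total += 1
        return anomalous

def run(packets):
    """Return (index, reason) for each alert over (dst_ip, dst_port, payload) tuples."""
    monitor, alerts = AnomalyMonitor(), []
    for i, (ip, port, payload) in enumerate(packets):
        alerts += [(i, "signature:" + n) for n in signature_alerts(payload)]
        if monitor.observe(ip, port):
            alerts.append((i, "anomaly"))
    return alerts

# Constructed traffic: 150 routine web requests, then three packets of interest.
SAMPLE = [("10.0.0.5", 80, b"GET /index.html HTTP/1.0\r\n")] * 150 + [
    ("10.0.0.5", 80, b"GET /../../etc/passwd HTTP/1.0\r\n"),  # known pattern, usual port
    ("10.0.0.9", 31337, b"hello"),                            # no pattern, unusual destination
    ("10.0.0.5", 80, b"GET /about.html HTTP/1.0\r\n"),        # benign
]

if __name__ == "__main__":
    for index, reason in run(SAMPLE):
        print(index, reason)
```

Each detector catches the packet the other misses: the request containing a known pattern goes to a routine destination, while the packet to the unusual port matches no signature.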

In this chapter, you’ll learn how to set up Snort, a signature-based IDS. You’ll also learn how to set up Snort with SPADE, which adds anomaly-detection capabilities to Snort, giving you the best of both worlds. This chapter also demonstrates how to set up several ...

ISBN: 0596527632