An outsider might be inside your network and ready to release attack traffic. A disgruntled employee might be inside your system and ready to delete files. You're a systems or network admin and it's your job to prevent these types of malicious events.
Where do you begin? A good start is knowing with some certainty that the attackers are even present and a good intrusion detection system will do just that. In this video, security expert Ric Messier explains why intrusion detection systems are necessary, what they do, how they work, where to find them, and how to implement them.
- Understand intrusion detection: Its meaning, its value, and how to implement it
- Master the workings of host-based and network-based intrusion detection systems
- Learn about network captures, cryptographic hashes, alerting, incident response, and more
- Gain awareness of anomaly based and signature based intrusion detection systems
- Learn to use open source intrusion detection systems like Snort, Suricata, and Bro
- Understand how to perform file integrity checks using Tripwire and Samhain
- Review multiple forms of built-into-the-OS IDS systems
Ric Messier directs the Cybersecurity & Digital Forensics program at Champlain College in Burlington, VT. He runs the private security firm WasHere Consulting and is also a Senior Consultant with the security firm IP Architects, LLC. He is author of multiple O'Reilly security titles, including Professional Guide to Wireless Network Hacking and Penetration Testing, Introduction to Penetration Testing, and Mastering Python - Networking and Security.