Ask the Expert

Can you recommend any freeware applications that can help me monitor my network for intrusions?


Probably one of the best freeware applications for monitoring the network for intrusions is Snort. Intrusion detection systems come in several types, and Snort is a good example of a pattern-matching IDS. Pattern-matching IDSes rely on a database of known attacks: attack signatures are loaded into the system, and as soon as they are loaded the IDS can begin to guard the network. If you are curious what a signature looks like, here is one:

alert tcp any any -> any 80 (content: "hacker"; msg: "Hacker Site Accessed";)

Signatures are usually given a number or name so that the administrator can easily identify an attack when it sets off an alert. Alerts can be triggered for fragmented IP packets, streams of SYN packets (DoS), or even malformed ICMP packets. What makes Snort an awesome tool is that it runs on Linux or Windows, and there's a great base of tools and users out there to help you realize its full potential. Is there a downside to all this good news? Yes, there is a learning curve involved. If you want to learn more, start by checking out Snort.org.
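To make the pattern-matching idea concrete, here is a simplified sketch of how such a rule is evaluated against traffic. It is an added example, not Snort's own code or part of the original answer: the parser handles only the rule header plus the content, msg and nocase options, and the packets are constructed sample data.

```python
import re

# Simplified model of a Snort-style rule: header fields, then options in parentheses.
RULE_RE = re.compile(
    r'^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+->\s+'
    r'(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$')

def parse_rule(text):
    """Split a rule into header fields and an options dict."""
    m = RULE_RE.match(text.strip())
    if not m:
        raise ValueError("not a rule: %r" % text)
    rule = m.groupdict()
    opts = {}
    for item in rule.pop("opts").split(";"):  # assumes no ';' inside option values
        if item.strip():
            key, _, val = item.partition(":")
            opts[key.strip()] = val.strip().strip('"')
    rule["opts"] = opts
    return rule

def match(rule, pkt):
    """Return the rule's msg if the packet matches, otherwise None."""
    if rule["proto"].lower() != pkt["proto"]:
        return None
    for field in ("src", "sport", "dst", "dport"):
        if rule[field] != "any" and rule[field] != str(pkt[field]):
            return None
    needle = rule["opts"].get("content", "").encode()
    payload = pkt["payload"]
    if "nocase" in rule["opts"]:  # content is case-sensitive unless nocase is set
        needle, payload = needle.lower(), payload.lower()
    return rule["opts"].get("msg") if needle in payload else None

RULE = 'alert tcp any any -> any 80 (content: "hacker"; msg: "Hacker Site Accessed";)'

# Constructed sample packets (addresses are documentation-range placeholders).
PACKETS = [
    {"proto": "tcp", "src": "192.0.2.10", "sport": 40001, "dst": "198.51.100.5",
     "dport": 80, "payload": b"GET /hacker/index.html HTTP/1.0\r\n"},
    {"proto": "tcp", "src": "192.0.2.10", "sport": 40002, "dst": "198.51.100.5",
     "dport": 80, "payload": b"GET /HACKER/index.html HTTP/1.0\r\n"},
    {"proto": "tcp", "src": "192.0.2.10", "sport": 40003, "dst": "198.51.100.5",
     "dport": 8080, "payload": b"GET /hacker/index.html HTTP/1.0\r\n"},
]

def run(rule_text=RULE):
    """Evaluate one rule against every sample packet."""
    rule = parse_rule(rule_text)
    return [match(rule, p) for p in PACKETS]
```

The second packet is missed because content matching is case-sensitive; adding Snort's `nocase;` modifier after the content option catches it, while the third packet is skipped because the rule header only covers destination port 80.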

This was first published in March 2006
