Graphical "intrusion detection systems" and "intrusion prevention systems"
Ioannis Vranos
ioannis.vranos at gmail.com
Sat Feb 11 18:26:53 UTC 2012
On Sat, Feb 11, 2012 at 8:21 PM, Jacob Mansfield <cyberjacob at gmail.com> wrote:
>
> On 11 Feb 2012, at 17:52, Ioannis Vranos wrote:
>
> I have been reading a book about Linux administration, and it is
> mentioning network security tools like Snort.
>
> However this is complex stuff. Do you know any simple, with GUI front
> end, "intrusion detection systems" (IDS), and "intrusion prevention
> systems" (IPS)?
>
>
> IDS and IPS are more to do with physical security, e.g. door locks and motion sensors
This is what the book is mentioning:
"Snort
An intrusion detection system (IDS) provides a way to promiscuously monitor a point in the network and report on questionable activity seen based on packet traces. The Snort program (www.snort.org) is an open source IDS and intrusion prevention system (IPS) that provides extensive rule sets that are frequently updated with new attack vectors. Any questionable activity can be sent to a logging host, and several open source log-processing tools are available to help make sense of the information gathered (e.g., the Basic Analysis and Security Engine, or BASE).
Running Snort on a Linux system that is located at a key entry/exit point in your network is a great way to track the activity without having to set up a proxy for each protocol that you wish to support. A commercial version of Snort called SourceFire is also available. You can find out more about SourceFire at www.sourcefire.com".
My question is, is there any simple, GUI, thing like snort?
--
Ioannis Vranos
http://cppsoftware.binhoster.com
More information about the ubuntu-users
mailing list