Search out hidden attacks with the Snort intrusion detection system.
Recently, I implemented an Intrusion Detection System (IDS) for a remotely hosted web farm. After the initial setup, I began testing and configuring to streamline the system. As soon as the system was switched on, I noticed the sort of traffic that shouldn’t be internal to a DMZ. The ISP-controlled firewall had been misconfigured to allow almost all traffic. In the short time the test was running, the IDS logged a large number of port scans and access attempts on the main servers. From these logs, it was obvious that the servers were receiving the wrong sort of attention.
Stop by Rikki's Open Source Exchange for dispatches from the world of women in open source.
Rikki Kite examines the experience of women across the spectrum of open source – the people, projects, organizations, events, articles, issues, and news.
Comments