This came out of a discussion on the NLUG list about making sure that Windows boxes are not infected with malware. This goes beyond that and looks at what technologies are available to protect and monitor your machines. It is somewhat Windows-centered, but the concepts are the same for any OS (OS X, Linux, *BSD, etc.). I'll throw in here my regular comment about OS security: all operating systems have bugs. Some have fewer than others, but any OS must be regularly patched or you will be vulnerable.
This is aimed toward the business market but many of the concepts still hold true for the home user.
This paper reviews the current state of Intrusion Detection Systems (IDS), with a particular emphasis on Network-Based Intrusion Detection Systems (NIDS). Many of the topics covered apply to a business of any size, but issues specific to the Small/Medium Business (SMB) sector are emphasized. The paper covers what an IDS is, followed by the implementation issues that should be weighed when evaluating an IDS solution.
This paper was originally written in November of 2005. The concepts still hold true today. This article is a good, no-marketing-spin introductory overview of IDS technologies.
This paper explores the elements involved in implementing a Snort IDS and its associated software. The considerations and steps taken in building the IDS are discussed, as are the pitfalls and compromises inherent in that implementation. This paper should be helpful to anyone considering setting up an IDS for the first time, regardless of the software solution that is finally chosen.