Linux Journal

Stealthful Sniffing, Intrusion Detection and Logging

In a column about syslog [see “syslog Configuration” in the December 2001 issue of LJ] I mentioned “stealth logging”--by running your central log server without an IP address, you can hide your ...
CSOonline

Tuning Snort with Host Attribute Tables

Having trouble finding malicious activity during Snort scans? Your Snort implementation may need a tune up. Joel Esler tells you how to do it using host attribute tables. The question I receive most ...