
Detecting a Compromise

The easiest way to detect an attack on, or a compromise of, your system is to set up the alert capabilities of your firewall and IDS. Because firewalls and IDSs have similar functions, you can probably get by with one rather than having both in place. The firewalls we reviewed have IDS-like capabilities, from the pop-up alert windows of ZoneAlarm Pro and Norton Personal Firewall to the flashing icon of BlackICE Defender.

Many commercial IDSs are available, but home users won't have much selection for Windows-based operating systems. The Unix environment offers many IDS products because Unix programs tend to be free and open source, so free solutions are more readily available to Unix users. One of the most popular is Snort (www.snort.org). Snort runs on both Unix and Windows systems, but it does require some in-depth knowledge. It also takes a great deal of time to set up and to understand its reports.

