Intrusion Detection using Packet Analysis
Hi
I am wondering how to detect intruders using packet analysis. So far, in my research on the internet, I have found ways to capture packets using the pcap library (libpcap) and save the data for later analysis. But how do I detect whether any intruders were there? Any pointers on the concepts or the techniques used to detect intruders using packet analysis would be very helpful.

Thanks in advance,
Johnny
Have you tried Snort?
I would also recommend reading "Network Intrusion Detection: An Analyst's Handbook".