LinuxQuestions.org


johnnyde 03-26-2005 09:07 AM

Intrusion Detection using Packet Analysis
 
Hi
I am wondering how to detect intruders using packet analysis. So far in my research on the internet I found ways to capture the packets using the pcap library (libpcap) and save the data for later analysis.
But how do I detect whether any intruders were there? Any pointers on the concepts or the techniques used to detect intruders using packet analysis would be very helpful.

Thanks in advance
Johnny

auximini 03-26-2005 09:33 AM

Have you tried Snort?

I would also recommend reading "Network Intrusion Detection - An Analyst's Handbook".

