Hi
I am wondering how to detect intruders using packet analysis. So far in my research on the internet I found ways to capture the packets using the pcap library (libpcap) and save the data for later analysis.
But how to detect if any intruders were there? Any pointers on the concepts or the techniques used to detect intruders using packet analysis would be very helpful.
Thanks in advance
Johnny