
Search results for Using Afick To Aid In Intrusion Detection

Unix clones

Using Afick To Aid In Intrusion Detection

Post date: April 13, 2005, 01:04 Category: Security Views: 2782 Comments
Tutorial quote: Afick is a fast and portable utility which acts as an aid in intrusion detection as well as helping to monitor the general integrity of your system. Afick was written by Eric Gerbier and is distributed under the GNU General Public License. It is available for a number of platforms in both binary and source formats.
Debian

Host Based Intrusion Detection - Samhain

Post date: January 19, 2011, 12:01 Category: Security Views: 4056 Comments
Tutorial quote: This article describes in some detail how to install Samhain, the host based intrusion detection system. I am not going to ramble on about what host based intrusion detection is or why to use it, as there are plenty of articles already covering those subjects. This article is just to show you how to get Samhain up and running in a client / server configuration with a couple bells and whistles thrown in for fun.
Debian

Using the 'snort' Intrusion Detection System

Post date: December 27, 2005, 15:12 Category: Security Views: 4734 Comments
Tutorial quote: Snort is the leading open source Network Intrusion Detection System and is a valuable addition to the security framework at any site. Even if you are employing lots of preventative measures, such as firewalling, patching, etc., a detection system can give you an assurance that your defences truly are effective, or if not, will give you valuable information about what you need to improve.

Fortunately, there is a good set of snort packages for Debian which takes a lot of the tedious work out of building a useful Network Intrusion Detection System. Before we start on installation, we should review a few details about the networking stack that you're going to need to make sense of the alerts snort will generate. Impatient readers and those who are familiar with the TCP/IP suite of protocols may now skip to the bit that says Stand alone snort.
Ubuntu

Intrusion Detection: Snort, Base, MySQL, and Apache2 On Ubuntu 7.10 (Gutsy Gibbon)

Post date: November 21, 2007, 10:11 Category: Security Views: 4885 Comments
Tutorial quote: In this tutorial I will describe how to install and configure Snort (an intrusion detection system (IDS)) from source, BASE (Basic Analysis and Security Engine), MySQL, and Apache2 on Ubuntu 7.10 (Gutsy Gibbon). Snort will assist you in monitoring your network and alert you about possible threats. Snort will output its log files to a MySQL database which BASE will use to display a graphical interface in a web browser.
Debian

Intrusion Detection For PHP Applications With PHPIDS

Post date: June 24, 2008, 14:06 Category: Security Views: 4469 Comments
Tutorial quote: This tutorial explains how to set up PHPIDS on a web server with Apache2 and PHP5. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user's session.
Debian

Intrusion Detection With BASE And Snort

Post date: July 16, 2006, 16:07 Category: Security Views: 4518 Comments
Tutorial quote: This tutorial shows how to install and configure BASE (Basic Analysis and Security Engine) and the Snort intrusion detection system (IDS) on a Debian Sarge system. BASE provides a web front-end to query and analyze the alerts coming from a Snort IDS system. With BASE you can perform analysis of intrusions that Snort has detected on your network.

Scenario: A Linux server running Debian Sarge 3.1 set up according to Falko's - The Perfect Setup - Debian Sarge (3.1).
Let's assume we have one working website (www.example.com) and that the document root is: /var/www/www.example.com/web
The IP of the server is 192.168.0.5 and it's using eth0 as network interface name.
Fedora Core

Tripwire on your Fedora Box

Post date: April 16, 2005, 00:04 Category: Security Views: 4898 Comments
Tutorial quote: Tripwire is an Intrusion Detection System. This can be used to alert users whenever their system is compromised. Tripwire detects and reports changes in system files. It will alert you through email whenever a change is detected. If the change is due to normal system activity, you can instruct Tripwire not to report the change to that file in future. If the change is not due to normal system activity, then it is a clear indication that something is wrong and you need to act immediately and fix the issue. Thus tripwire comes in very handy to maintain the integrity of the system.

There is a lot of information on the web about Tripwire. Some people might argue that AIDE (Advanced Intrusion Detection Environment) is better than tripwire and so on. This comparison is beyond the scope of this article. This is an introductory article for novice users who are interested in installing Tripwire on their Fedora Box. Advanced users can refer to the web for relevant information or they can contact appropriate mailing lists like fedora users mailing list.
Unix clones

Security Testing your Apache Configuration with Nikto

Post date: August 29, 2006, 16:08 Category: Security Views: 3586 Comments
Tutorial quote: By now you've got the perfect setup for your new Ubuntu 6.0.6 (Dapper Drake) box. You may have even followed the excellent Intrusion Detection and Prevention with BASE and Snort tutorial. And as an added precaution you installed DenyHosts to prevent hack attempts via ssh. But now that you've got your new LAMP server on the internet, how can you tell that your new web server is secure? You test it, of course!
Debian

Installing ModSecurity2 On Debian Etch

Post date: July 7, 2007, 00:07 Category: Installing Views: 3630 Comments
Tutorial quote: This article shows how to install and configure ModSecurity (version 2) for use with Apache2 on a Debian Etch system. ModSecurity is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.
Ubuntu

Perfect Setup Of Snort + Base + PostgreSQL On Ubuntu 6.06 LTS

Post date: April 25, 2007, 21:04 Category: Installing Views: 3988 Comments
Tutorial quote: This tutorial describes how you can install and configure the Snort IDS (intrusion detection system) and BASE (Basic Analysis and Security Engine) on an Ubuntu 6.06 (Dapper Drake) system. With the help of Snort and BASE, you can monitor your system - with BASE you can perform analysis of intrusions that Snort has detected on your network. Snort will use a PostgreSQL database to store/log the data it gathers.