Intrusion Detection by Port Scan Using Snort

Network intrusion detection systems (NIDS) are an important part of any network security architecture. They provide a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected. Network I...

Full description

Saved in:
Bibliographic Details
Main Author: Alkhushayni, Suboh Mohammad Shehadah
Format: Thesis
Language:eng
eng
Published: 2008
Subjects:
Online Access:https://etd.uum.edu.my/1077/1/Suboh_Mohammad_Alkhushayni.pdf
https://etd.uum.edu.my/1077/2/Suboh_Mohammad_Alkhushayni.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Network intrusion detection systems (NIDS) are an important part of any network security architecture. They provide a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected. Network Intrusion Detection Systems (NIDS) perform deep packet inspection on packet payloads to identify, prevent, and inhibit malicious attacks over the Internet[l]. Snort is a lightweight intrusion detection system that can log packets coming across your network. This program can be used on smaller networks but on larger ones, with Gigabit Ethernet, snort can become unreliable. Snort doesn't require that you recompile your kernel or add any software or hardware to your existing distribution but it does require that you have root privileges.