Knoppix-NSM removes complexity of Snort-based network security monitoring
This article is part of the October 2007 issue of Information Security magazine
As an information security manager, you've very likely come to appreciate the benefits of Snort, the immensely popular open source network intrusion detection system. But you may have balked at implementing Snort-based network security monitoring because integrating and using Snort and complementary tools may be technically daunting, or require too much of your staff's time and energy to make it worth the effort. Snort alone doesn't give you a complete network security monitoring tool, and integrating and using all the pieces you need may be frustrating. The popular BASE console, for example, is often used with Snort, but like all Web-based consoles, it lacks speed, doesn't provide real-time alerting and has limited analysis functionality. But now this critically important security capability can be well within your means, thanks to The Tao of Network Security Monitoring. Unlike Web-based consoles like BASE, Sguil is fast and makes it easy to spot potentially dangerous events. BASE, the Basic Analysis and Security Engine, is the...