- A snoop server is a server that uses a packetsniffer program to capture network traffic for analysis. Used to identify security risks and/or to monitor employees' activities (such as Web sites visited), a snoop program puts network interfaces into promiscuous mode. Promiscuous mode allows the system to access all the data in each network packet - instead of only routing-related information - including those packets intended for other computers. Packet data is typically captured to a file for later analysis and reporting. Any computer on a network can use a snoop program, although - at least for administrative purposes - they are most often installed on servers. Snooping is also a popular means of illicitly collecting network data; sometimes an administrative snoop server finds a previously undetected node operating for this purpose. The Sun Solaris operating system furnishes an administrative snoop command that captures packets and displays either a single line packet summary or a very detailed description.
PCI compliance requirement 10: Auditing Diana Kelley and Ed Moyle of Security Curve review PCI compliance requirement 10: "Track
and monitor all access to network resources and cardholder...
Know when you need IDS, IPS or both Cut through the hype and learn the differences and benefits of intrusion detection and prevention systems.
Einstein(SearchSecurity.com) Einstein is the network monitoring tool used by the United States federal government's Department of Homeland Security (DHS). Einstein is used to...
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.