For example, the Snort IDS is extremely popular. It's an open source network intrusion detection system that is widely used in the enterprise. As an open source product, Snort is available at no cost and has a large community of developers creating rules.
Sourcefire, the company behind Snort, makes an official ruleset available to Snort users either in real-time (for paid subscribers) or on a 30-day delay (at no charge). This is the best way to obtain a reliable, timely ruleset. If you're using a different IDS product, consult the vendor for details on rulebase subscriptions.
- Is writing intrusion detection systems using Java a good idea?
- Network intrusion prevention systems: Should enterprises deploy now?
Dig Deeper on Network intrusion detection and prevention (IDS-IPS)
Related Q&A from Mike Chapple
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading