Chapter 12. Watching Your Network

In this chapter, we are going to cover:

  • Setting up centralized logging
  • Installing a Snort IDS
  • Managing your Snort rules
  • Managing Snort logging

Introduction

Any network connected to the Internet can expect to see malicious traffic. This could range from a compromise of your system or an intruder connected to your network to something as simple as browsing the wrong website, one that attempts to use the latest Flash or Java exploit.

If your network is hosting anything of value, it may make sense for you to monitor this sort of traffic. Monitoring will allow you to notice the laptop infected with malware that is probing your other systems.

Alternatively, maybe you just want to watch your network ...

Get Linux Networking Cookbook now with the O’Reilly learning platform.
