Tag: intrusion

IDS/IPS, Security, Ubuntu

Install Snort IDS on Ubuntu

SnortĀ® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Snort Home Page Installation We need Apache, Mysql and PHP. Read this post for instructions on how to install LAMP. Create Snort database Connect to mysql server: mysql -u root -pmysql -u root -p Execute CREATE DATABASE snort;create database snort; …

IDS/IPS, Network

Detect attempted intrusions with psad

If you would like to know every moment of the day, what’s going on with your server then psad is the right tool for the job. Psad is an intrusion Detection and log analysis tool working above iptables. Psad is a collection of lightweight daemons that log attempted intrusions, in particular monitoring iptables. For Ubuntu …