Snort - Lightweight Intrusion Detection for Networks
暂无分享,去创建一个
Network intrusion detection systems (NIDS) are an important part of any network security architecture. They provide a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alert system administrators when potential hostile traffic is detected. Commercial NIDS have many differences, but Information Systems departments must face the commonalities that they share such as significant system footprint, complex deployment and high monetary cost. Snort was designed to address these issues.
[1] Steven McCanne,et al. The BSD Packet Filter: A New Architecture for User-level Packet Capture , 1993, USENIX Winter.
[2] Stephen E. Hansen,et al. Automated System Monitoring and Notification with Swatch , 1993, LISA.
[3] Robert Sedgewick,et al. Algorithms in C - parts 1-4: fundamentals, data structures, sorting, searching (3. ed.) , 1997 .
[4] Thomas Henry Ptacek,et al. Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection , 1998 .