
Review: Nose Around With Snort


The name Snort may conjure images of a specially trained swine sniffing out truffles. But Snort isn't an animal--it's an IDS (intrusion-detection system) with a rich language for matching patterns in network traffic. Snort provides a slimmed-down, customized signature set to detect defined policy violations. It can determine, for instance, whether specific protocols are in violation of a security policy.

Let's face it, unless you're actively policing security-policy compliance, just having words in a document won't make you secure--you have to find policy violations and enforce your policies. Some of the products that prevent policy violations are pricey, but free and open-source Snort may be the only tool you need.

Full Article.
