From the course: Ethical Hacking: Evading IDS, Firewalls, and Honeypots


Detect intrusions with Security Onion


- [Instructor] Network intrusion detection systems occur on the perimeter as well as inside networks, and their purpose is to detect threats by monitoring network traffic. There are both open-source and commercial solutions available. Intrusion detection systems work either by detecting exploit in malware signatures or by detecting behavior that looks anomalous or may be associated with an intrusion. Snort is an open-source intrusion detection system which has been the genesis of many of the intrusion detection systems available today, and Snort rules are accepted as an industry standard for configuring intrusion detection systems. It's a command-line tool and uses signatures as well as anomaly detection. Suricata is a development that came from the U.S. Department of Homeland Security funding as a contemporary alternative to Snort and is well-regarded also. The tool we're going to look at is called Security Onion. This is a Ubuntu idea which combines the best of Snort, Suricata, and other…
