- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Intrusion Detection using ACID on Linux
- Abstract
- At a recent meeting with our IT staff, we were discussing the sometimes overwhelming amount of security required in managing a network and we quickly came to the conclusion that the entire group could devote nearly all of their time to network and system security and never have a shortage of projects. One member of our team made the comment that in that case, we would "...have a soccer team full of goalies!" So, the questions of where we draw the line in the sand with respect to security goes on. Appropriate amounts of effort (time) and implementation (hardware/software) are necessary to protect our systems and users and it needs to be maintained within the constraints of our staffing and fiscal resources. Because our environment has not been one that is conducive to firewalls and the policies that are associated with them, we have developed a set of security practices that includes a number of key features mentioned in the SANS defense in depth model.