clarifying use of snort [was - Re: security in general]
> >Sounds like you've almost everything covered. About the only things I
> >could recommend would be to run nessus against yourself and install
> >snort in IDS mode.
> I could try that, I'd have to look up some info on the program. I assume
> nessus checks for known vulnerabilities? Sounds ok, never hurts.
> As for snort in IDS mode, snort is like tripwire right? Hmm that means
> someone is already inside the system and it's too late already..
> Will have to read up on it tho :)
snort is not like tripwire, snort is a network tool.
it can be set up to monitor network activity from an external machine,
as an IDS it matches tcp packet content against known intrusion packet
content via customizeable rules. check out http://www.snort.org and http://www.whitehats.com