Open Source vs. Network Attacks: What's in your arsenal?
You look at your router and firewall logs and you see all the IP addresses from all over the trying to get into your systems. Is there anything you can do about it? There’s a lot of things you can do. Some things are as simple as changing a daemon’s defaults in its configuration file and restarting the daemon. You add dedicated watcher programs that analyze the daemon’s log files and take actions based on events in the logs. There’s everyone’s favorite mitigation: adding firewall rules to throttle the input packet streams. At the complex end, you can deploy a reactive Intrusion Prevention System. After you have deployed you mitigating factors, you boss asks you the question, “How do we know these things are working?” Open Source comes to rescue again. Using Open Source tools you can not only create reports, charts, and graphs and answer your boss’ question but also secure your network against attack.
Presenters
