Open Source Intrusion Detection and Prevention: Tools for Today's Corporate Market? by Craig Gosselin

There are literally hundreds of reported network attacks each day. Our systems are being compromised by persons trying to intrude, stop, obtain or destroy our precious data. The ability to detect intruders and monitor the network systems that you operate is not just an option. The Sarbanes Oxley Act is a warning to our publicly traded companies that we are not going to be allowed to sit idle as corporate leaders or IT professionals while there might be huge gaps in our network defenses. Network tools for monitoring intrusion and tools to prevent intrusion can be completely cost inhibitive to a company that has not prepared to budget for their implementation or has little exposure to their use. This paper discusses two open source tools, Snort and Bro that are either no cost or low cost that you can obtain and train to use. These tools are designed to monitor traffic, analyze protocols, capture packets, map networks, port scan and prevent intrusion. Whether the attack is from the outside of your LAN or from the inside, do you have the tools and training to meet the demands of securing your network data?

http://www.infosecwriters.com/text_resources/pdf/Open_Source_CGosselin.pdf