Embedded Files
Intrusion Detection System (IDS) are available for intrusion detection for both server and network. This section guides you on hardening Debian by using IDS.
Identified Threats
Identified Threats
These are the identified threats related to Debian software.
(T-106) Network Intrusion Is Not Monitored In Real Time
(T-106) Network Intrusion Is Not Monitored In Real Time
Network intrusion must be constantly monitored when the system is connected.
(T-107) Host Intrusion Is Not Monitored Periodically
(T-107) Host Intrusion Is Not Monitored Periodically
Host intrusion must be constantly monitored when the system is running.
(T-108) Rootkit and Kernel Intrusion Is Not Monitored Periodically
(T-108) Rootkit and Kernel Intrusion Is Not Monitored Periodically
Rootkit and kernel intrusion is not monitored when the system is running.
Actions Required
Actions Required
Here are the list if actions to counter the issues.
Use Host IDS like Tiger
Use Host IDS like Tiger
Debian does prepare host IDS like Tiger to monitor host settings and local systems.
Use Network IDS like Snort
Use Network IDS like Snort
Debian does prepare network IDS like snort to monitor connected network.
Use Rootkit IDS like Chkrootkit
Use Rootkit IDS like Chkrootkit
Debian does prepare rootkit IDS like chkrootkit to monitor rootkit temperament.
That's all for hardening Debian by using IDS.
Page updated
Google Sites
Report abuse