Difficult-o-Meter: 5 (as hard as this book gets)

Covers:
This Q & A is a work of fiction. Any similarity to the Q & A from the previous chapter is entirely coincidental.
Question: I was sitting at home, minding my own business, when one day a bunch of police, state troopers, FBI agents, ATF agents, postal inspectors, and the Publisher's Clearinghouse prize patrol came into my house and took all my computers. Apparently, my computers had been used without my knowledge to launch a denial-of-service attack, completely blocking all access to the official Britney Spears homepage. While I am embarrassed that I didn't think of doing that myself, I would have had the sense not to do that from my own computers. How can I see to it that no one uses my network in this way?
Answer: The first and simplest answer is: don't have your network connected to the Internet. To some extent we tell you how to do that in Chapter 3 on firewalling. The next best answer is to know as soon as possible when miscreants come padding around your network interfaces. This chapter (and Chapter 12) covers the topic of intrusion detection.
In this chapter we look at a network-surveillance tool called Snort, which lets you monitor your network connection to look for signs of suspicious activity and to take programmable action when that activity occurs. This is normally the province of the most expensive of expensive tools. Snort gives you most of the same capabilities in a Free Software package. This is the best way to keep intruders out of your accounts.