Ubuntu
gnome-nettool package

How an intrusion prevention system can be built ?

Asked by harry potter

I want to know how an intrusion prevention system works in Ubuntu ? If a new intrusion is coming whose details are not there in the previously trained system how will the system takes the necessary action and blocks the intruder. If some references are provided it will be very helpful.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu gnome-nettool Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

You can use iptables to setup rules for universal access to certain ports with certain protocols, or you can set more restrictive rules whereby only certain IPs or IP subnets can access ports and so on. It is very configurable.

Revision history for this message
Sam_ (and-sam) said : 		#2

Reference.
https://help.ubuntu.com/community/Security
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
http://www.gentoo.org/doc/en/security/security-handbook.xml
http://commons.oreilly.com/wiki/index.php/Ubuntu_Hacks/Security
http://irclogs.ubuntu.com/2011/06/10/%23ubuntu-classroom.html#t17:33
https://lkml.org/lkml/2011/9/30/425

Can you help with this problem?

Provide an answer of your own, or ask harry potter for more information if necessary.

To post a message you must log in.