Network Monitoring with Snort

One of the keys to any type of security is knowledge. To keep a network secure, you must know about security in general, but you must also be aware of the environment in which your computers operate.

For example, any computer that’s connected directly to the Internet is likely to see several unauthorized access attempts per day from outside the local network. Indeed, there may even be suspicious activity from within your local network, either from disgruntled insiders or from a successful outside intrusion or infection. If you’re to effectively guard against intrusions, it’s helpful to be aware of them. Even if you don’t respond to every probe (a monumental and unrewarding task), changes in the patterns of attack may be important: Changes may tip you off to new vulnerabilities and attack tools.

Network monitoring tools help you keep an eye on network attacks… Snort is a very powerful system for monitoring network traffic.

Roderick W. Smith (2003, May), <i>Network Monitoring with Snort</i>. Retrieved Sunday, September 14, 2003, from <a href="http://www.linux-mag.com/2003-05/guru_01.html" title="Linux Magazine | May 2003 | GURU GUIDANCE | Network Monitoring with Snort">www.linux-mag.com/2003-05/guru_01.html</a>.