how to :: make an intrusion detection system using linux ...
please help me this is my final year project ...
Any intrusion starts from the port, if all the system port is open then the server is vulnerable. the attack happens in different ways like sniffing ddos etc, the following link may help you to get an idea. I am good about it
Try http://www.snort.org. The subject can get pretty deep, depending on your needs. Don't expect to have a proper understanding of things within an hour of reading information from that site.
Originally Posted by sami.linux