[Dshield] Security in Layers

Graham Dodd g.dodd at falk-ross.de
Wed Mar 24 18:00:50 GMT 2004


Hello all,

I want to add another layer to our network security and would appreciate
advice from the list.

Our setup is Cisco Router with appropriate ACL's, Linux firewall, DMZ for
mail server (running 2 x AV and SA), and webshop, and our internal network.

I would like to put a "box" on the internal network to watch for any
unauthorized activity, either someone who got through the outside, or a
worm doing it's dirty work from the inside.

My preference would be a Linux computer, but my main problem is I don't know
what software to run to provide the best detection. I don't want to start a
"mine is better than yours war" I would just like your experiences and
working solutions.


Thank you for any assistance,

Graham

Graham K. Dodd
Director of Operations
Falk & Ross GmbH




More information about the list mailing list