Details
Last year at LinuxFest NW, Gary Smith presented a paper on a Linux host intrusion detection system (HIDS). In that paper, he alluded to the next stage in HIDS based on Prelude-IDS and auditd. Well, the stage has arrived! This paper explains the benefits of Prelude-IDS and auditd and why this next stage leaves the old one at the depot.
Experience:
Gary Smith started out his professional career as a chemist/materials engineer. His trip down the Dark Side of Computing started when he wrote a program to design an optimal extruder screw rather than face thousands of calculations with a slide rule (yes, a slide rule). Since then, he's done a lot of different things in computing: microprocessor cross assemblers and simulators, disk device drivers, communication device drivers, TCP/IP hacking and multi-threaded printer spoolers. Around 1993, Gary started doing computer security when the semiconductor company he was working for was forced to get on the Internet to send/receive IC designs faster and a firewall/Internet gateway was needed. Since then, Gary's been involved in firewalls, intrusion detection and analysis, vulnerability assessments, system and application hardening, and anti-spam filters. Gary really does computer security to support his bicycling habit. He has more bikes than most other people have computers. And they're a lot more expensive. Gary says "Bikes are like computers: both can crash, sometimes with disastrous results to the user."