Cover V10, I08



As you can see, intrusion detection is the theme for the August issue. In this issue, we offer a variety of security-related articles on topics such as integrating Tripwire into Big Brother, implementing a password strength-checking module, a handy checklist for determining whether your system has been cracked, and setting up an IDS with open source tools. In the Web-exclusive articles this month, Chris Kuethe covers basic IDS setup considerations, and Ido Dubrawsky surveys some commonly used tools.

The topic of intrusion detection has become so broad in the past few years, however, that we've only touched the surface with the articles in this and other security-focused issues of Sys Admin. If you find yourself needing to learn more about intrusion detection, there are many resources to help you. Online, I recommend checking out the SANS Institute ( In addition to their Intrusion Detection FAQ, SANS offers some excellent practical articles in their security reading room, such as "Evading Passive Sniffer Detection with IDS Sensors" by Bryan S. Brandt and "DRAGON - An Intrusion Detection System" by Joni Ramos. Other online resources include: the Network Intrusion Detection Systems FAQ by Robert Graham at:

and the Intrusion Detection Primer by Benjamin D. Thomas at:

Stokely Consulting's Unix System Administrator Resources also has a page of various security links at:

If you prefer books to online resources, here are a few you might want to consider purchasing:

Practical UNIX & Internet Security by Simson Garfinkel and Gene Spafford (O'Reilly & Associates; ISBN: 1565921488).

Network Intrusion Detection: An Analyst's Handbook by Stephen Northcutt, Donald McLachlan, Judy Novak (New Riders Publishing; ISBN: 0735710082).

Secrets & Lies: Digital Security in a Networked World by Bruce Schneier (John Wiley & Sons; ISBN: 0471253111).

I've seen the following quote from Schneier's book reprinted elsewhere, but I think it's worth sharing again. Schneier writes: "We're still stuck with an insecure Internet and insecure password-protected systems. But by the same token, we're still stuck with insecure door locks, assailable financial systems, and an imperfect legal system. None of this has caused the downfall of civilization yet, and it is unlikely to. And neither will our digital security systems, if we refocus on the processes instead of the technologies."

I hope readers will continue to submit articles to Sys Admin that will benefit us all as we strive to improve our security processes. Please send your comments and suggestions to me at:

Sincerely yours,

Amber Ankerholz

Editor in Chief