[转载]Network Security：An Open-Source Approach

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

This paper attempts to introduce the reader to the Network Security Monitoring (NSM) model and the availability of robust open-source network security utilities to achieve a defensible network. To achieve a secure network, the analyst must fully implement all aspects of the Security Life Cycle. The Security Life Cycle is a process for maintaining an acceptable level of perceived risk of network security. Detection is one component of the process. Open source tools that can be used in the detection phase of the security life cycle include Sguil, MySQL, Snort, Barnyard, Tcpflow, Sancp, P0f, and Ethereal/Tethereal.