Appendix A. Resources


Snort, a well-known network-based IDS
www.snort.org

Home of the Open Source Tripwire page
www.tripwire.org

Page of the HoneyNet Project
www.honeynet.org

Harlan Carvey's Perl page, from which I took some ideas and re-used some code, with permission, in LogAgent 4.0 Pro, upon which LogIDS 1.0 is also partly based
http://patriot.net/~carvdawg/perl.html

"Protecting against the unknown", by Mixter, a good theoretical guide to protecting networks against unknown threats
http://packetstorm.acm.miami.edu/papers/contest/Mixter.txt

"Securing the internal Microsoft network", one of my previous papers upon which LogIDS 1.0 theory is based
http://securit.iquebec.com

LogAgent 5.0, log file monitoring tool along with ADSScanner and IntegCheck
http://securit.iquebec.com

ComLog 1.05, a command prompt logger
http://securit.iquebec.com

SécurIT Intrusion Detection Toolkit (SIDTk) 1.0
http://securit.iquebec.com

"Autopsy of a successful intrusion (well, two actually)", one of my previous papers, which describes a typical intrusion attack that can be performed on many corporate networks
http://securit.iquebec.com

"Configuring ZoneAlarm securely", one of my previous articles published on SecurityFocus.com
http://www.securityfocus.com/guest/11486

The following 2 links lead to comparison charts of most of the personal firewalls out there:
http://www.theguardianangel.com/firewall_comparison.htm
http://www.agnitum.com/php_scripts/compare.php
