Chapter 9. Vulnerability Scanning and Intrusion Detection
There are lots of threats out there, and some of them might even penetrate your network. You'll want to know when that happens, so you'll want to have a good Network Intrusion Detection System (NIDS) in place. We'll look at Snort, which is probably the most famous one. I'll then show you a way to cheat so that you can have a Snort system up and running in no time at all.
We've already seen how to scan a machine for viruses and rootkits by installing scanning tools onto the machines that we want to scan. However, there are a lot more vulnerabilities for which we can scan, and I'll show you some cool tools that you can use for that.
The following topics are covered in this chapter:
- An introduction to Snort and Security Onion
- Scanning and hardening with Lynis
- Finding vulnerabilities with OpenVAS
- Web server scanning with Nikto