Network Intrusion Detection Systems


Introduction

In August of 1986, the network at the Lawrence Berkeley Laboratory (LBL) was cracked by an
unknown intruder. Clifford Stoll, an astronomer employed by the university, discovered the intrusion
while attempting to resolve a 75-cent accounting error. Instead of attempting to stop the intruder, Stoll
observed him as he attacked approximately 450 computers owned by the military and defense
contractors. The intruder was successful in breaking into over 30 computers. Over the course of the
next two and a half years, Stoll tracked the activity of the intruder and finally got the cooperation of the
FBI (which had initially disregarded the incident). The FBI tracked the intruder to West Germany, where they
discovered the intruder was part of a spy ring that sold the information they stole to the KGB
[Anonymous, et al. 30, 31; Stoll 484-486].

On November 2, 1988, the most famous Internet worm of all time was released into the wild. The
worm used exploits in rsh, rexec (remote login programs for UNIX), finger, and sendmail to
compromise systems running Berkeley UNIX. Originating from the MIT Artificial Intelligence
laboratory, it infected and disabled hundreds of computers across the US in a matter of hours. While the
worm didn't cause much monetary damage, the understanding of its potential was more than sufficient
to compensate [Seeley]. Network administrators, for perhaps the first time, realized how vulnerable the
Internet was.

The growth of the Internet and the openness of Unix-based software also provided fertile ground for
would-be crackers to learn remote exploits. Using security holes in software (typically servers or
daemons), crackers could break into an accessible machine and set up a 'backdoor', or program running
on an open port through which they could log in to the computer. Once inside, crackers could set the
network card to promiscuous mode and set up a utility called a sniffer to capture incoming packets. In
1997, Carlos Salgado, Jr. used this technique to grab over 100,000 credit card numbers from a sniffer
he installed on a San Diego ISP [Anonymous, et al. 39, 40]. Clear text passwords sent over the network
are also easily captured this way. Even a normal user password would grant a cracker access to the
target machine, and from there he or she could compile local exploits in order to gain root access. This
was easier than directly attacking a secure box, and provided a longer trail for administrators to sort
through.
