| |
|
| |
| Buying a new car is a lot of fun, the new car has its unique smell no doubt about it, the very fact ... - Amit Laufer |
| |
| Interested in purchasing a classic car? Determine first if this is the right move for you. - Lana Hampton |
| |
| Nothing is worse, when on vacation or travel abroad than a medical crisis that you are unable to dea ... - Geoff Spencer |
| |
|
|
| |
| Drupal is a feature rich Content Management System (CMS) which allows webmasters to run dynamic webs ... - Bedrich Omacka |
| |
| Piling on the pounds can mean higher life insurance premiums. Insurers are getting tougher and are w ... - Michael Challiner |
| |
|
| |
|
|
Intrusion Detection System (IDS) are becoming a very important part of any strategy for enterprise
security. But what are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:
"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)
There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems are looking for suspicious activity and monitor the packets. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
Who wants to breaking into your system?
One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.
How do intruders break into your system?
The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are a lot of ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.
How does one stop intrusions?
There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.
Open Source Intrusion Detection Systems
Below are a few of the open source intrusion detection systems:
AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."
File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."
Snort (www.snort.org) Self-described as "Snort? is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."
Commercial Intrusion Detection Systems
If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:
Tripwire
http://www.tripwire.com
Touch Technology Inc (POLYCENTER Security Intrusion Detector)
Http://www.ttinet.com
Internet Security Systems (Real Secure Server Sensor)
http://www.iss.net
eEye Digital Security (SecureIIS Web Server Protection)
http://www.eeye.com |
| Author: Rob Lamper |
| |
Author Bio:
Rob Lamper Computer Security 2006 |
| This article can be searched using: automotive diagnostic software, automotive service software, automotive crm software |
|
 |
|
| |
Related Articles |
| |
7 Top Tips for Microsoft Word Users
|
| |
Long Term Care Insurance
|
| |
Modifying Standard Shapes In Photoshop
|
| |
Employment background check
|
| |
Coming Soon: Car Care World e-Xpo 2006
|
| |
About the hit counter
|
| |
Is being healthy worth paying for?
|
| |
Drivers Ed Lesson Plans
|
| |
Some Benefits of Family Health Insurance Plans
|
| |
Fix Windows Registry Errors
|
| |
|
|
|
|
Main Page
