Hi folks,
I will shut down this site and try to using joomla instead of wordpress. Wish me luck 
I will share about joomla later on, because I think it is powerful
Nothing to say anymore, Just great and massive package. I love and use this package. Added value it’s cost effective huahahahaha
Intrusion Detection System (IDS) are a necessary part of any strategy for enterprise security. What are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:
“The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts”(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)
There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitors packets on the network wire and looks for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
Who is breaking into your system?
One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.
How do intruders break into your system?
The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.
How does one stop intrusions?
There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.
Open Source Intrusion Detection Systems
Below are a few of the open source intrusion detection systems:
AIDE (http://sourceforge.net/projects/aide) Self-described as “AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire.”
File System Saint (http://sourceforge.net/projects/fss) - Self-described as, “File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use.”
Snort (www.snort.org) Self-described as “Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.”
Commercial Intrusion Detection Systems
If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:
Tripwire
Touch Technology Inc (POLYCENTER Security Intrusion Detector)
Internet Security Systems (Real Secure Server Sensor)
eEye Digital Security (SecureIIS Web Server Protection)
Google TechTalks
January 24, 2006
Phillip Hallam-Baker
Dr Hallam-Baker is a leading designer or Internet security protocols and has made substantial contributions to the HTTP Digest Authentication mechanism, XKMS, SAML and WS-Security. He is currently working on the DKIM email signing protocol, federated identity systems and completing his first book, The dotCrime Manifesto which sets out a comprehensive strategy for defeating Internet crime.
Dr Hallam-Baker has a degree in Electronic Engineering from Southampton University and a doctorate in Computer Science from the Nuclear Physics Laboratory at Oxford University.
ABSTRACT
Internet Crime is a serious and growing problem. Phishing,…
Duration : 0:58:19
Everyone in the United States has heard of the leading antivirus vendors Symantec, Mcafee, and Trend Micro. These companies have market-leading presence in the United States. Microsoft, as well, has plans become a key player in this market. Microsoft acquired intellectual property and technology from GeCad software in 2003, a company based in Bucharest, Romania. They also acquired Pelican Software, which had a behavior based security as well as Giant Company Software for spyware and Sybari Software, which manages virus, spam, and phishing filtering.
A lot of discussion has centered on whether Microsoft with come to own a dominant position in the antivirus market by simply bundling its technologies with its operating systems at no charge. This is a similar technique applied in other markets such as word processing and Internet browsers.
Of course there are a number of antivirus vendors who also play in this market. There are many companies with great market presence in other countries that are beginning to become more widely known. These vendors include GriSoft out of the Czech Republic, Sophos in the united Kingdom, Panda Software out of Spain, Kaspersky in Russia, SoftWin in Romania, F-Secure in Finland, Norman in Norway, Arcabit in Poland, VirusBuster out of Hungary, and AhnLab in South Korea.
It is not clear where the industry is heading and everyone in this market faces a rapidly changing landscape. The amount of effort to find and provide fixes for viruses is staggering. Malicious programs are getting more complex and the number of them is increasing. Many companies may find themselves without the resources to match the efforts of those truly bent on creating havoc. Some virus companies are getting of hundreds of new samples a day! Moreover, the new viruses are getting “smarter” in that they propagate themselves quickly and they often hide themselves and are smart enough to move around in a system by renaming themselves in an effort to make it hard to remove them.
But, still my recommendation is Kampersky Dig previous post to see why …
Hi gangs,
From my previous post about questions and answers that I received through my mail, I deside to include it in this spot.
I will post it and hope some this blog reader could ansnwer the questions. Then we will see how this kind of post will run
Hope you will enjoy the post and interactively with questions and answers post.
Subscribe to this Blog