Network Security Library

Intrusion Detection



Subcategories


Honeypots
ISS RealSecure
Snort




Newest Intrusion Detection White Papers

Configuration of IPS to improve Incident Response Time
This paper discusses advanced configuration of IPS to reflect the changing network topology using feedback from an event analysis tool. The events analyzed by incident response tools can be used to find out the false positives and the signatures required in the IPS. Using the analyzed event pool data, IPS can be dynamically configured to reduce the false positives, improve the incident response time and improve the performance by reducing the load on the IPS.

Detecting Computer Security Attacks by Technical Methods
In this paper I will describe some of the possible technologies for detecting computer attacks. I will also argue the case that it is impossible to detect computer attacks as they are evolving to a level beyond the scope of a single technology. There is a need for human intelligence to correlate information from various points in the organization to detect attacks. Security attack detection should have two clear points: a human part and a technical part.
Ajoy Kumar, 07/08/2005


Intrusion Forecasting System
The paper describes an Intrusion Forecasting System which is the future of the present intrusion detection systems. It discusses the present intrusion detection systems, the need to develop an Intrusion Forecasting System, the architecture of the system, and the implementation, and explains the techniques to be used in developing such a system.
By Surya Kumari Govindu, 03/15/2005


Correlation of IDS Events
Recently there has been much interest in event correlation of computer network intrusion detection events to speculate on the pattern of an attack. This paper explores some correlation techniques which can be applied to intrusion alerts to identify the patterns that are commonly seen across the events.

The Use of Network Intrusion Detection System
The Network Intrusion Detection System (NIDS) has been outsourced to a vendor who installed and managed the system for the past 3 years. NIDS alerts were received from the service provider about 1 to 3 times a day, along with a monthly report that showed thousands of intrusion attempts. None of these alerts turned out to be a security crisis. However, there were 2 occasions of attack, both started from employee’s infected laptops. Disappointed to say that the NIDS failed to detect the incidents.
YY Ngai, 10/25/2004


Intelligent Distributed Intrusion Detection Systems
An Intrusion Detection System always helps the "second in the queue"; in other words, any Detection System can only say that there is an attack which is ongoing. Now based on the facts delivered from them, the second attempt (or maybe the 100th attempt) may be neutralized. Now what is there that is missing in these algorithms? The answer is simple: Intelligence! Gone are the days when a computer was thought to be a toy which will just do what you ask it to do. Time demands more than that, and so is the topic of bringing intelligence to Intrusion Detection Systems rather than going with traditional Detection Systems.
Rajesh T Sivanandan, 10/15/2004


OS Finger Printing and Intrusion Detection
OS finger printing is the technique used to identify the target system’s Operating System and sometimes the patch levels also. The starting point was “banner grabbing”. By looking at the banners listed for different services, it was possible to make out that host’s operating system
Rajesh T Sivanandan, 09/09/2004


Intrusion Detection using Solaris' Basic Security Module
In our existing online world, intrusion detection has become a necessary expense. Not only does intrusion detection validate the effectiveness of border access controls (e.g., firewalls, screening routers, etc.), but it also helps combat the persistence of insider abuse and corporate espionage. For this reason, intrusion detection systems (IDSs) have become an essential component in creating any comprehensive network infrastructure. Intrusion detection systems rely on network traffic and/or system audit data as their main input sources. It is evident that an IDS can be only as powerful as the detail of the audit information fueling it. For instance, a host-based IDS monitoring only the syslog audit trail will be much less capable than, say, one that also examines /var/log/messages and the wtmp logs.
By David Endler, 07/30/2004


Intrusion Detection Preliminaries: Sanitizing Your E-Commerce Web Servers
Intrusion Detection involves detecting unauthorized access and destructive activity on your computer system. Intrusion Detection is a clear requirement for all e-commerce merchants. According to the annual study released March 22, 2000 by the Computer Security Institute and the FBI, 90% of the survey respondents detected a computer security breach within the last twelve months. The study showed that the most serious financial losses were caused by activities that concern e-commerce merchants directly: theft of proprietary information (e.g., stealing customer credit card numbers), and financial fraud (e.g., setting up a bogus storefront).
By Marc Meyers, 07/30/2004


Implementing Networks Taps with Network Intrusion Detection Systems
Over the past decade or so, the use of switches to replace hubs has increased substantially. This is largely due to the increased size of networks, and the requirement for increasingly faster and more efficient networks. On most networks, the data must now be dependable and timely. This transition from hubs to switches, however, has generated a conflict with already deployed and designed network intrusion detection systems. To combat design conflicts between network intrusion detection systems (NIDS) and switches, network taps were created. Network taps essentially allow all traffic on a network device to be monitored. Network taps are also very useful for passive network troubleshooting and analysis. Further, the tap makes the related NIDS system more secure, preventing attackers from being able to directly attack the NIDS system. This article will offer an introductory overview of taps, including: what taps are...
By Nathan Einwechter, 07/30/2004


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget