How to fight computer viruses, spyware and malware
Page: Intrusion Detection Systems - How to Use Them

Intrusion Detection Systems

Learn about computer intrusion detection systems,
how to use them and the list of recommended ones

Protecting commercial enterprise computer systems takes much more time and resources than home computer protection and security. While unprotected home computers can cause some serious problems, it is attacks on enterprise computers that cause far more damage, which in turn can affect the company concerned. Take for example the recent Department of Defense crackdown on security.

What are Intrusion Detection Systems?

Strengthen your computer security with intrusion detection systems to protect your business systems

Intrusion detection systems (IDS) are a necessary part of any strategy for enterprise security. What are intrusion detection systems? CERIAS, the Center for Education and Research in Information Assurance and Security, defines them this way:

"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"
(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/ )

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems monitor packets on the network wire and look for suspicious activity. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.
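The two detection categories named in the CERIAS definition, shown side by side as an added example (not code from the original page or from any of the products listed here). The log layout, user names, addresses and signature names are constructed for illustration: the misuse detector matches each line against known-attack signatures, while the anomaly detector compares it with a profile of normal use learned from earlier events.

```python
import re
# Constructed sample events (not real logs); the key=value layout is an assumption.
BASELINE = """\
2024-05-01T09:02:11 user=alice src=10.0.0.5 action=login
2024-05-02T10:15:47 user=alice src=10.0.0.5 action=read path=/reports/q1.pdf
2024-05-01T08:30:00 user=bob src=10.0.0.9 action=login
2024-05-02T17:05:12 user=bob src=10.0.0.9 action=read path=/reports/q1.pdf
"""
LIVE = """\
2024-05-03T09:12:30 user=alice src=10.0.0.5 action=login
2024-05-03T03:14:07 user=bob src=10.0.0.77 action=login
2024-05-03T11:20:00 user=alice src=10.0.0.5 action=read path=/reports/../../etc/shadow
"""

# Misuse detection: signatures describing known attack scenarios (illustrative).
SIGNATURES = {
    "path-traversal": re.compile(r"path=\S*\.\./"),
    "failed-root-su": re.compile(r"action=su\b.*target=root.*status=fail"),
}

def parse(line):
    ts, *pairs = line.split()
    event = dict(p.split("=", 1) for p in pairs)
    event["hour"] = int(ts[11:13])  # hour of day from the ISO timestamp
    return event

def build_profile(log):
    """Learn normal use: per user, the source hosts and active hours seen."""
    profile = {}
    for e in map(parse, log.splitlines()):
        p = profile.setdefault(e["user"], {"srcs": set(), "hours": set()})
        p["srcs"].add(e["src"])
        p["hours"].add(e["hour"])
    return profile

def misuse_alerts(line):
    return [name for name, rx in SIGNATURES.items() if rx.search(line)]

def anomaly_alerts(line, profile, slack=1):
    """Flag events that deviate from the user's learned profile."""
    e = parse(line)
    p = profile.get(e["user"])
    if p is None:
        return ["unknown-user"]
    in_hours = min(p["hours"]) - slack <= e["hour"] <= max(p["hours"]) + slack
    checks = [("new-source", e["src"] not in p["srcs"]), ("unusual-hour", not in_hours)]
    return [name for name, hit in checks if hit]

def scan(live, profile):
    return [(misuse_alerts(l), anomaly_alerts(l, profile)) for l in live.splitlines()]
```

Calling scan(LIVE, build_profile(BASELINE)) shows why the two approaches complement each other: the 03:14 login from a new address matches no signature but deviates from the profile, while the traversal request comes from a normal host at a normal hour and is caught only by its signature.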

Who is breaking into your system?

One common misconception about software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges than themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are many ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.

How does one stop intrusions?

There are several freeware/shareware intrusion detection systems as well as commercial ones. Here are lists of open source systems and of commercial ones.

» Open Source Intrusion Detection Systems

Below are a few of the open source intrusion detection systems, listed in alphabetical order:

1. AIDE (http://sourceforge.net/projects/aide) - Self-described as, "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."

2. File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."

3. Snort (www.snort.org) - Self-described as, "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."

» Commercial Intrusion Detection Systems

If you are looking for commercial intrusion detection systems, here are a few of these as well, listed in no particular order:

1. Tripwire - http://www.tripwire.com

2. Touch Technology Inc (POLYCENTER Security Intrusion Detector) - http://www.ttinet.com

3. Internet Security Systems (Real Secure Server Sensor) - http://www.iss.net

4. eEye Digital Security (SecureIIS Web Server Protection) - http://www.eeye.com
