LinuxSecurity.com
The central voice for Linux and Open Source security news
Intrusion Detection
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.



Protecting against undefined exploits and security threats  21 December 2005 
Source: Security Park - Posted by Pax Dickinson   
There is a wealth of tools available to help protect the enterprise from security threats. Firewalls, virtual private networks, strong user authentication, encryption, intrusion detection/prevention systems (IDS/IPS), email filters, antivirus and vulnerability scanners are all options. Each of these point solutions is capable of addressing a specific element of the security mosaic. In order to address their limitations, many enterprises attempt to aggregate these solutions in a futile attempt to achieve effective IT security.

Low Cost Technique for Intrusion Detection  14 December 2005 
Source: InfoSecWriters.com - Posted by Benjamin D. Thomas   
I have attempted to uncover and explore a free and easy solution for the cost-conscious small to medium-size network to incorporate Intrusion Detection. The paper will focus on the aspects of free tools in relation to Intrusion Detection. I will define the tools I am using, where I will place the tools within the network, why I decided to place the tool in this particular location, and what defense mitigation the tool should assist.

Symantec Announces New Proactive Behavior-Based Host Intrusion Prevention Solution  12 December 2005 
Source: MarketWire - Posted by Pax Dickinson   
Symantec Corp. today announced Symantec Critical System Protection 5.0, a proactive behavior-based intrusion prevention solution for multi-layered protection of servers and critical clients running on Windows, UNIX and Linux platforms. Available later this month, Symantec Critical System Protection provides zero-day protection against application and operating system attacks, enhanced auditing and compliance enforcement, enterprise reporting capabilities, and improved manageability of heterogeneous environments from a single management console. Using a unique combination of signature and behavior-based detection, this enterprise class product helps prevent system downtime while protecting critical information assets.

How to build and use a Honeypot  02 December 2005 
Source: InfoSec Writers - Posted by Benjamin D. Thomas   
Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot and what exactly it was, I became intrigued with the idea of actually getting back at these mysterious hackers. I want to build a honeypot, put it on my home network, and see what I can attract. I will build a honeypot and put it out for business. I researched what the ideal computer setup would be and built one. I will discuss the computer, how to build one, and what my results were.

Open-source to the Rescue Again  30 November 2005 
Source: ComputerWorld - Posted by Benjamin D. Thomas   
Traffic on the network had increased all week, but the intrusion-detection system wasn't picking up any malicious traffic. Whatever traffic was traversing the network was considered OK. The servers and desktop systems were all at current patch levels, switches at current IOS levels. Sophos Anti-Virus wasn't showing any virus activity. We hadn't installed any new devices on the network. Yet something had changed and was causing problems.

Open Source Snort Rules Consortium is officially launched  18 November 2005 
Source: Sourcefire - Posted by Pax Dickinson   
Sourcefire, Inc., the creators of Snort and the world leader in intrusion prevention, and Bleeding Snort today announced the launch of the Open Source Snort Rules Consortium (OSSRC), focused on the development and advancement of Snort Rules. With over 90 Charter members from the open source user and vendor communities, the OSSRC enables the entire Snort community to contribute to the open source model, as well as Snort development and direction. Focusing on innovation and standardization, the OSSRC is an independent organization founded to ensure that Snort continues to reflect the needs of the open source community, while also remaining one of the industry’s leading security tools.

IDS: Still head of the class in security education  16 November 2005 
Source: TechTarget.com - Posted by Benjamin D. Thomas   
Despite claims that intrusion detection tools are "old school" and often tedious to use, one technologist says an IDS, such as Snort, can be quite educational when grading an organization's network security. During a session at the CSI 32nd annual Computer Security Conference this week, Matthew Hicks, senior information security analyst with the Children's National Medical Center in Washington D.C., said those who scoff at IDS typically don't understand how to use it.

Security Incident Response  14 November 2005 
Source: Net-Security.org - Posted by Benjamin D. Thomas   
Organizations that use computing systems as their business enabler are faced with the challenges to protect and mitigate their critical information assets from internal and external security risks. In such a scenario, where 100% security is hard to achieve, it is imperative to reduce the time taken to detect and respond adequately to a security incident that could adversely impact normal services.

Evaluating Intrusion Prevention Systems  11 November 2005 
Source: CIO Update - Posted by Pax Dickinson   
With intrusion prevention systems (IPS) fast becoming as essential a purchase as the ubiquitous firewall, the choice is becoming ever more bewildering as more and more vendors scurry to bring new products to market.

Intrusion Detection for Database Tech  08 November 2005 
Source: Sci-Tech Today - Posted by Pax Dickinson   
Application security differs from network and host security. The applications vary but the attacker's goal is always the same -- to access the database. Since applications use SQL to communicate with the database, a good application IDS parses SQL, providing an objective layer of protection that understands the traffic yet remains independent of the application.

(c)Copyright 2008 Guardian Digital, Inc. All rights reserved.