Watching the Watchers: Intrusion Detection - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

How strictly do your users obey your security policies?

	To the letter.
	For the most part.
	When it suits them.
	By chance.
	Not at all.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Security Week: December 1st, 2008

Linux Advisory Watch: November 28th, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Watching the Watchers: Intrusion Detection

User Rating:

How can I rate this item?

Source: Network Computing - Posted by Dave Wreski

If you're one of the unfortunate souls who has been at ground zero during a high-impact security incident, you know the chaos that often ensues. When the big one hits, it can spawn teams of crazed administrators, flocks of delusional and . . . If you're one of the unfortunate souls who has been at ground zero during a high-impact security incident, you know the chaos that often ensues. When the big one hits, it can spawn teams of crazed administrators, flocks of delusional and impatient managers, and swarms of defensive developers. The resulting mess is a veritable rumor committee so poised for explosion that it rivals The National Enquirer in storytelling ability. Such a disaster is often curbed only by hardened incident-response veterans--teams that are as rare as they are essential.

So when wave after wave of IDS (intrusion-detection system) products began to appear, with claims they could detect attacks, log the attacker's traffic, help track the origin of the attack and possibly even stop the attack midstream, both engineers and managers took notice. Perhaps this is what put intrusion-detection products at the top of the security-product deployment charts in our survey of more than 500 organizations earlier this year (see our reader survey from "Best Practices in Network Security"). Such claims are certainly appealing, but they paint only half the picture.

Read this full article at Network Computing

Write Comment
Please keep the topic of messages relevant to the subject of the article. Personal verbal attacks will be deleted. Please don't use comments to plug your web site.. Such material will be removed.
Name:
Title:
Comment:
Code:*

< Prev		Next >

Partner:

Latest Features

A Secure Nagios Server

Never Installed a Firewall on Ubuntu? Try Firestarter

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Yesterday's Edition

Keeping an Eye On Your Network with PasTmon

Linux And Unix Internet Users And Site Security - How Much Is Too Much?

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital