Summary


Intrusion detection technologies solve a whole range of problems and thereby improve the security level of the hosts within corporate networks:

  • Monitoring and analysis of user, network, and system activity

  • System-configuration audit and intrusion detection

  • Integrity control of the files and other resources of the corporate network

  • Detection of patterns reflecting well-known attacks

  • Statistical analysis of suspicious activity

  • Automatic installation of vendor-supplied software updates

  • Installation and support of trap servers that record information about intruders

However, do not consider intrusion detection systems to be a panacea. Such systems have their own area of use, which is quite broad but still limited. For example, they can be used to monitor specific vulnerabilities that might exist within specific network hosts. Another example is checking the efficiency of firewalls. Do not expect wonders from intrusion detection systems.

At the current level of development of information technologies, intrusion detection systems cannot do the following:

  • Compensate for the inefficiency of the identification and authentication mechanisms

  • Perform a completely automatic analysis of attacks

  • Eliminate the information system's problems with reliability and integrity

  • Efficiently analyze traffic in broadband networks

Regardless of the method used for detecting intrusion — manual or automatic — all these methods are based on the following three factors:

  • Indications describing security policy violations. Types of violations are described in Chapter 2.

  • Sources of information in which to search for indications of security policy violations.

  • Methods of analysis of the information obtained from appropriate sources in order to find indications of attacks.

Knowledge of these three components enables us to detect attacks efficiently, both manually and automatically. These three components will be covered in detail in the next chapter. Universal tools, both manual and automated, will be covered in the next chapters. The remaining part of this book is dedicated to specialized systems of intrusion detection.




Protect Your Information with Intrusion Detection
ISBN: 1931769117
EAN: 2147483647
Year: 2001
Pages: 152
