|
If you desire to protect
your computer from hackers, adware, spyware and viruses, then you must
consider Intrusion Detection System (IDS). Intrusion Detection System (IDS) are a necessary
part of any strategy for enterprise security.
What are Intrusion
Detection systems? CERIAS, The Center for Education and Research in
Information Assurance and Security, defines it this way:
"The purpose of an intrusion detection system (or IDS) is
to detect unauthorized access or misuse of a computer system. Intrusion
detection systems are kind of like burglar alarms for computers. They sound
alarms and sometimes even take corrective action when an intruder or abuser is
detected. Many different intrusion detection systems have been developed but the
detection schemes generally fall into one of two categories, anomaly detection
or misuse detection. Anomaly detectors look for behavior that deviates from
normal system use. Misuse detectors look for behavior that matches a known
attack scenario. A great deal of time and effort has been invested in intrusion
detection, and this list provides links to many sites that discuss some of these
efforts" (http://www.cerias.purdue.edu/)
There is a sub-category of intrusion detection systems
called network intrusion detection systems (NIDS). These systems monitors
packets on the network wire and looks for suspicious activity. Network intrusion
detection systems can monitor many computers at a time over a network, while
other intrusion detection systems may monitor only one.
Symantec protect your computer from hackers, adware, spyware
and viruses - Who is breaking into your system?
One common misconception of software hackers is that it is
usually people outside your network who break into your systems and cause
mayhem. The reality, especially for corporate workers, is that insiders can and
usually do cause the majority of security breaches. Insiders often impersonate
people with more privileges than themselves to gain access to sensitive
information.
How do intruders break into your system?
The simplest and easiest way to break in is to let someone
have physical access to a system. Despite the best of efforts, it is often
impossible to stop someone once they have physical access to a machine. Also, if
someone has an account on a system already, at a low permission level, another
way to break in is to use tricks of the trade to be granted higher-level
privileges through holes in your system. Finally, there are many ways to gain
access to systems even if one is working remotely. Remote intrusion techniques
have become harder and more complex to fight.
How does one stop intrusions?
If you're thinking of protecting
your computer from hackers, adware, spyware and viruses, there are several Freeware/shareware Intrusion Detection
Systems as well as commercial intrusion detection systems you can chose from.
Open Source Intrusion Detection Systems
Below are a few of the open source intrusion detection
systems:
AIDE (http://sourceforge.net/projects/aide) Self-described
as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for
Tripwire. It does the same things as the semi-free Tripwire and more. There are
other free replacements available so why build a new one? All the other
replacements do not achieve the level of Tripwire. And I wanted a program that
would exceed the limitations of Tripwire."
File System Saint (http://sourceforge.net/projects/fss) -
Self-described as, "File System Saint is a lightweight host-based intrusion
detection system with primary focus on speed and ease of use."
Snort (www.snort.org) Self-described as "Snort® is an open
source network intrusion prevention and detection system utilizing a rule-driven
language, which combines the benefits of signature, protocol and anomaly based
inspection methods. With millions of downloads to date, Snort is the most widely
deployed intrusion detection and prevention technology worldwide and has become
the de facto standard for the industry."
All these can help you protect
your computer from hackers, adware, spyware and viruses or better still you can
go for the commercial ones.
Commercial Intrusion Detection Systems
If you are looking for Commercial Intrusion Detection
Systems, here are a few of these as well:
Tripwire
http://www.tripwire.com
Touch Technology Inc (POLYCENTER Security Intrusion
Detector)
Http://www.ttinet.com
Internet Security Systems (Real Secure Server Sensor)
http://www.iss.net
eEye Digital Security (SecureIIS Web Server Protection)
http://www.eeye.com
For more security detection sytems to help
you protect your computer from hackers, adware, spyware and viruses you can
search google.com.
Related links:
ZoneAlarm Internet
Security Suite 6
A
|
