IDS
IDS
An Intrusion Detection System (or IDS) generally detects unwanted manipulations to systems. There are a lot of different types of IDS, some of them are described here. The manipulations may take the form of attacks by skilled malicious hackers, or Script kiddies using automated tools.
An Intrusion Detection System is required to detect all types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).
Definitions provided by Wikipedia - The Free Encyclopedia
IDS Related Products
McAfee UTM Firewall (formerly Secure Computing SnapGear) is a complete office network-in-a-box Internet security appliance for small and medium-size businesses (SMBs). It features wide-area networking tools that you would normally only see with enterprise-class devices. Because the last thing SMBs need is another single-purpose security appliance to add to their network.
More information
Trend Micro Mobile Security protects smartphones and PDAs from data loss, infections, and attacks from a central enterprise console that can also manage desktop protection. Encryption and authentication defends data integrity on lost or stolen devices. The anti-malware features block viruses, worms, Trojans, and SMS text message spam. Built-in firewall and IDS protects against hackers, intrusions, and denial-of-service attacks - potential threats to the increasing number of Wi-Fi-enabled mobile devices.
More information
IDS Related Industry News
Competing technologies could shake up e-mail Microsoft’s announcement at the RSA Conference last week of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. The company’s new e-mail authentication architecture, known as "Caller ID," is being met with cautious acceptance. However, Microsoft will probably not have the last word on secure e-mail, and a shake-out of antispam solutions backe......
[more] Competing Technologies Shake Up E-Mail How will rival authentication schemes change the way we communicate online? Microsoft's recent announcement of a host of initiatives to stop unsolicited commercial e-mail, or spam, highlighted some tectonic shifts taking place in the once staid world of Internet messaging. The company's announcement was made at the RSA Conference, a leading annual meeting on electronic data security that was held in San Francisco late last month.
Caller ID
The company's......
[more] Stopping the enemy at the gate Over the past few years, security vulnerabilities have spiralled, writes Bloor Research analyst Fran Howarth. The CERT Co-ordination Centre, a federally-funded R&D centre operated by the Carnegie Mellon University in the US, publishes statistics of security vulnerabilities that are reported to it on an annual basis. In 1995, just 171 such incidences were brought to its attention; by 2003, that figure had risen to 3,784.
This increase in vulnerabilities is caus......
[more] Online Hacker Shop Shuts Down Site had been selling source code to Napster's server and client software. An online shop that was selling the source code for two computer programs has abruptly suspended its operations, citing a "redesign" of its "business model."
The Source Code Club opened its doors on Monday, using an e-mail posting to an online discussion group to advertise the availability of source code and design documents for two products: the Dragon intrusion detection system (IDS) softw......
[more] A guide to proactive network security Behind our daily barrage of hacker attacks, announcements of new viruses and worms, and frequent risk of downtime is an opportunity. This is your opportunity to step away from the noise, for a moment, and take steps to build a more proactive network security model for your organization.
Countermeasures like firewalls or anti-anything (antivirus, anti-spam, anti-spyware, etc.) are all reactive security tools. They are necessary countermeasures and a part of......
[more] Virus Writer Targets AV Vendors A virus writer released malicious code that ridicules anti-virus vendors and the Sasser worm author. A virus writer apparently seeking notoriety instead of financial gain has released malicious code that ridicules anti-virus vendors and Sasser worm author Sven Jaschan, a security firm said Friday.
The Lebreat-D virus, which is rated a low threat, creates in infected computers a JPEG image file of Jaschan, a German teenager recently convicted of authoring the wide......
[more] Network security market growing Infonetics Research reported today that the network security market increased by 15 percent last year and predicted that revenue will grow another 32 percent by 2009. According to a report written by Infonetics analyst Jeff Wilson, worldwide revenue for network security appliances and software totaled $4.3 billion in 2005. Cisco led the industry, capturing 34 percent of market. Check Point and Juniper trailed in second and third place respectively. The repor......
[more] Viruses no longer top security threat Trojans and spyware taking over Early reports of malware distribution in April show that viruses are swiftly declining as a threat in comparison with other malicious software.Separate research from Fortinet and Sophos shows that the top viruses were mainly old timers, and that Trojans and spyware are coming to the fore in their place.Fortinet in particular reported that Adware/BetterInternet was its top threat last month, accounting for nearly one in eight a......
[more] Four in ten security staffers write down passwords early 40 percent of IT professionals store important passwords on paper, according to a new report. The survey of nearly 200 IT professionals at this year's Infosecurity Europe exhibition in London, found that 38 percent of respondents wrote passwords to critical systems on bits of paper.The study, commissioned by security company Cyber-Ark, found that 22 percent of respondents said colleagues kept passwords on Post-It notes while another 14 per......
[more] Japan sees fast rise in virus attacks on PCs The number of people arrested in Japan for attacking computers with viruses in the hunt for information has more than doubled in four years.The data, revealed in the government's latest annual report on the information and communications industry, casts a shadow over Japan's high-profile attempt to make the country a world leader in the sector.The figures follow several high-profile cases in recent years in which confidential information was obtained......
[more] Academic breaks the Great Firewall of China Researchers from the University of Cambridge have found a way to launch denial of service attacks against China, using the country's own firewall Computer experts from the University of Cambridge claim not only to have breached the Great Firewall of China, but have found a way to use the firewall to launch denial of service attacks against specific IP addresses in the country. The firewall, which uses routers supplied by Cisco, works in part by inspect......
[more] Hackers shut out by World Cup security Security around the computer system used in the recent World Cup tournament held up well enough to prevent any significant problems. Avaya said Wednesday the network it designed recorded 5 million "unique firewall events" each day of the seven-week event, and while 128,000 breached the firewalls, there were no security-related or application outages recorded. "From a security standpoint, we never lost bandwidth or network resources due to re......
[more] Many Web application security vulnerabilities are not as serious as they seem When interpreting the results of a vulnerability assessment, you need to focus on what's important in your Web application security testing. There are three sides to the story when looking at Web application security testing: yours, the findings of your vulnerability assessment, and the truth. Whether you're using a commercial or open source scanner, you're undoubtedly going to glean a lot of information and come acro......
[more] Researchers crack WEP WiFi security in record time The WiFi security protocol WEP should not be relied on to protect sensitive material, according to three German security researchers who have discovered a faster way to crack it. They plan to demonstrate their findings at a security conference in Hamburg this weekend. Mathematicians showed as long ago as 2001 that the RC4 key scheduling algorithm underlying the WEP (Wired Equivalent Privacy) protocol was flawed, but attacks on it required the i......
[more] Today’s Biggest IT Security Menace and 6 Ways to Fight It What is today's biggest IT security threat? IT itself, according to recent reports from IDC and Carnegie Mellon/DoD. To begin with, IDC research finds that enterprise companies rank insider sources as their top security threat (Source: "Privileged Password Management," Sally Hudson, IDC). In addition, research from Carnegie Mellon University for the Department of Defense (DoD) finds that when it comes to insider attacks, 86% of......
[more] AirMagnet Allowed Patent for Ability to Detect Counterfeit Wi-Fi Access Points AirMagnet Inc., the award-winning leader in wireless network assurance solutions, today announced the company has received a notice of allowance for a U.S. Patent covering multiple methods of identifying "spoofed" or counterfeit devices in a wireless LAN. Developed by AirMagnet's CTO, Chia-Chee Kuan, as well as Chief Architect, Miles Wu, and President and CEO, Dean Au, the patent further strengthens the com......
[more] Intrusion detection in the age of compliance While intrusion detection technologies are clearly not a "hot new thing" anymore, they are still the subject of active industry debate. Since the infamous "IDS is Dead" piece was published by Gartner in 2003, the discussion about IDS relevance to today's world of commercial malware and web exploits rages on. Further, the IDS relationship to newer technologies such as intrusion prevention systems (IPS) and network-behavior anomaly......
[more] AirMagnet Enterprise 8.0 Revolutionises Wireless IDS Intelligence fAirMagnet Inc., the leader in security, performance and compliance solutions for wireless LANs, announced a major new release of its award-winning AirMagnet Enterprise, the industry's premier solution for continuous wireless LAN security and management. Enterprise 8.0 is packed with new capabilities that allow customers to provide better protection for their wireless environments and to do so more efficiently. The system detects......
[more] Phishing likely to blame for eBay members' data theft EBay Inc.'s security experts have determined that it's highly likely that whoever posted confidential information about the auction Web site's members in a company discussion forum this week stole the data via an e-mail phishing scam, an eBay spokeswoman said. The perpetrator of the data disclosure on about 1,200 eBay members didn't hack into eBay systems, spokeswoman Nichola Sharpe said in an e-mail yesterday, reiterating an assurance eBay......
[more] The myth of the Ninja Hacker On Wednesday, in a talk at Black Hat D.C. 2008, two researchers set out to see whether phishing sites were created by the "Einsteinian, ninja hackers that the media makes them out to be." In a talk titled "Bad Sushi: Beating Phishers at their own game," Nitesh Dhanjani and Billy Rios found not a sophisticated gang of elite coders, but hundreds of bad coders all copying one another, and often stealing from each other. Dhanjani and Rios expressed disapproval......
[more] Police force's Facebook app raises privacy concerns Last week, Greater Manchester Police became the first UK police force to establish a presence on Facebook. According to one privacy advocate, it is a move that raises significant privacy issues. Greater Manchester Police established an application called GMP Updates on Facebook, providing users with crime news, appeals and missing-persons stories.Individual stories can be shared with a user's contacts and users can add comments to the feed. Th......
[more] Security governance frameworks; which one works for your organisation? The concept of an information security framework is somewhat amorphous, in part because even the phrase "information security" itself can be surprisingly subject to interpretation. At a minimum, a sound framework should provide a blueprint for how information security is governed, define the role of policy and procedure, identify applicable legal or regulatory requirements and support data classification standards and data br......
[more] Beijing Prepares for 'High-tech Olympics' All over Beijing, Olympic countdown clocks tick off the seconds that China has awaited for seven years: the moments until Aug. 8, 2008, at 8:00 pm, when the opening ceremonies of the Beijing Olympics begin. Perhaps the most important competition involving the Olympics will not take place during 16 days in August, but occurred in 2000 and 2001, when Beijing challenged Istanbul, Osaka, Toronto and Paris for the right to be the host city. Seven years and 2......
[more] Don't give Google a free pass on data collection, privacy advocates say after YouTube ruling The privacy concerns raised by a federal judge's order that Google Inc. turn over 12TB of data on YouTube users and their video-viewing histories to Viacom International Inc. misses an important point, according to some privacy advocates: What is Google doing collecting and retaining all that data in the first place? Viacom had asked the court for access to the information stored in the logging database......
[more] Trojan trawls recruitment sites in ID harvesting scam Hackers have turned the harvesting of personal information from Monster.com and other large US jobsites into a lucrative black market business. A Russian gang called Phreak has created an online tool that extracts personal details from CVs posted onto sites including Monster.com, AOL Jobs, Ajcjobs.com, Careerbuilder.com, Careermag.com, Computerjobs.com, Hotjobs.com, Jobcontrolcenter.com, Jobvertise.com and Militaryhire.com. As a result the p......
[more] Design flaws impair security at banking sites Banking Web sites suffer from design flaws that undermine their security, exclusive of software vulnerabilities, according to a University of Michigan study to be released Friday. Of 214 sites surveyed in 2006, more than 75% had at least one design flaw that could lead to a security problem, the university said. The flow and layout of the sites can make those sites riskier, and the problems can't be fixed with a patch unlike a software vulnerability.......
[more] ID card 'will drown in a billion mismatches' The government has underestimated the likely failure rate of the ID card scheme, according to a biometrics expert who reviewed the system. The ID card scheme will guard against one person having multiple identities by checking the two fingerprints and facial scan held on a chip on the ID card against biometrics in a central database, the National Identity Register. But academic John Daugman, a former member of the Biometrics Assurance Group (BAG) whi......
[more] Finjan offers free malware detection audit to halt Crimeware Trojan Finjan has announced it is offering qualified organisations a free malware detection audit to halt Crimeware Trojan’s and other malware attacks on enterprises. Finjan's free trial offer comes after security vendor RSA has estimated the Sinowal Trojan has taken the details of 270,000 online bank accounts and 240,000 payment cards from financial institutions in a number of countries, including the US, UK, Australia and Poland. &q......
[more] An effective alternative to basic password system is needed The complexity of corporate IT systems requires users to memorise more and more passwords: surveys have found that 36 per cent of users have between six and 15 passwords to remember; a further 18 per cent have more than 15 unique identifiers to memorise. Research from Burton Group suggests that the average user can spend up to 15 minutes every day logging on to separate application – which adds up to 65 weekday hours spent entering user......
[more] The myth of cloud computing Companies hungry for IT efficiency and cost savings absolutely love virtualization. The idea of reducing racks of servers into smaller and cheaper machine farms is simply irresistible in just about every enterprise. Security vendors have seized on this with an array of products promising "security in the cloud." But the adopters often lack a basic understanding of what virtualization is about, and that's a problem, industry experts say."When you look a......
[more] Stopping corporate IT break-ins Shutting the door to IT systems after staff leave the business and allowing workers to safely log in from home can be a major headache for business. In an identity management guide published today, the Corporate IT Forum (TiF) recommends using automation to smooth over some of the difficulties in keeping track of who is accessing what. According to the guide, companies should approach identity management by asking the following questions for each member of staff......
[more] Monster.com reports theft of user data Monster.com is advising its users to change their passwords after data including e-mail addresses, names and phone numbers were stolen from its database. The break-in comes just as the swelling ranks of the unemployed are turning to sites like Monster.com to look for work. The company disclosed on its Web site that it recently learned its database had been illegally accessed. Monster.com user IDs and passwords were stolen, along with names, e-mail addresse......
[more] How to recover from a data breach The best defence against hackers trying to steal corporate data is a whole lot of preparation, says Danny Bradbury. hese days the headlines are full of stories about data being stolen from major organisations - in both the private and public sector. Though every exec hopes they'll never experience such an incident, it's best to be prepared, just in case. So what do you do after a data breach? As with disaster recovery, you need a playbook, ready and wait......
[more] Security appliance market set for more expansion The security appliance market in Western Europe is bucking the downward trend for IT after it grew 14.4 percent in 2008, and is forecast to continue to expand this year, albeit at a slower rate. So shows the latest figures from analyst firm IDC, which found that revenue for security appliances in 2008 was $1.48 billion (£1.03bn). That figure is projected to rise to $1.65 billion this year, resulting in about 9.4 percent growth, said Romain......
[more] Wireless and wired security: one and the same Some enterprises believe they don't have to concern themselves with wireless security if they don't run sensitive information on their networks. This can be a costly mistake, as Motorola's Ronald van Kleunen explains. In today's competitive economy, we need the power to do business anywhere, anytime. As such, wireless networks are taking over the enterprise. The flexibility and low cost, plus the ability to increase staff productivity, has resulted......
[more] US air traffic faces 'serious harm' from cyber attackers The United States' air traffic control system is vulnerable to serious cyber attack, according to a watchdog report that detailed several recent security breaches that could have been used to sabotage mission-critical networks. One of the most serious attacks came last August, when hackers took control of Federal Aviation Administration computers in Alaska. By exploiting the administration's interconnected networks, the miscreants then sto......
[more] PCI compliance accused of becoming meaningless if it is not correctly enforced The requirements for PCI compliance have been described as ‘woefully inadequate'.Paul Henry, security and forensic analyst at Lumension, claimed that breach after breach of credit card data has become all too commonplace, and PCI should raise the bar and increase the minimum acceptable standards to become compliant in light of these many failures.Pointing to the Heartland incident, Henry stated that PCI had &ls......
[more] Security Manager's Journal: We've been blind to attacks on our Web sites Our Web sites are under attack! And my company's firewall and intrusion-detection systems seem to have been giving a lot of people around here a false sense of security. Of course, as the security manager, I can't afford a false sense of security, so I recently took some steps to find out just what was going on within our Web servers' network traffic. And it turns out that many attacks have been getting through our firewa......
[more] The one essential truth of computer security Who doesn't love that scene in "A Few Good Men" in which Jack Nicholson's character tells Tom Cruise's character, "You can't handle the truth. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom I provide, and then questions the manner in which I provide it. I would rather you just said 'Thank you' and went on your way." I often feel like I'm acting out that scenario when s......
[more] Nine things about botnets that will scare your pants off I wondered just how deep and wide the botnet problem goes. What I learned with just a little bit of research is enough to make you want to return to the days of stand-alone computing. The reality is worse than most people suspect. Let me share nine known things about botnets that will scare your pants off. At the very least, perhaps this article will prompt you to step up your effort to keep your corporate PCs off the illicit botnets. 1.......
[more] Malware designed to steal IDs increased 600 percent The number of users victimized by malware specifically intended to rob personally identifiable information leapt 600 percent this year. The number of users victimized by malware specifically intended to rob personally identifiable information (PII) leapt 600 percent this year compared to the same period in 2008, according to a report released on Thursday by PandaLabs, a division of Bilbao, Spain-based Panda Security. Writing on the PandaLabs b......
[more] Opinion: Protect your cyber self Former MySpace executive David Batch shows how to stay safe with social media. Social networking and the world of web 2.0 occupy a curious space in the media and in social commentary. MySpace, Facebook and more recently Twitter have been darlings of the press, while being lamented as the new satans by those such as the Catholic Archbishop in Britain citing the detriments of social networks. However, with the rise of YouTube and Facebook as category killers in the......
[more] Hotmail 'phishing' campaign is small peanuts Access to the 10,000 compromised Hotmail accounts at the centre of a high profile breach might be obtained for as little as $90 on the black market. Rik Ferguson, a security researcher at Trend Micro, argues that the importance of the online publication of 10,000 Live ID login credentials on developer website PasteBin.com and that the subsequent upload of thousands of assorted Gmail, Yahoo, and AOL passwords and usernames has been grossly exaggerated.......
[more] Newfangled cookie attack steals/poisons website creds A security researcher has discovered a weakness in a core browser protocol that compromises the security of Google, Facebook, and other websites by allowing an attacker to tamper with the cookies they set. The weakness stems from RFC 2965, which dictates that browsers must allow subdomains (think www.google.com) to set and read cookies for their parent (google.com). The specification also states that if a cookie for a subdomain doesn't alrea......
[more] Opinion: IT's 5 big security mistakes Happy New Year, folks. As usual, the turn of the calendar has brought no shortage of articles predicting the future. That's all well and good, but it's a good idea to also take stock of where we are before we chart our course forward, so we can truly improve things for the future. You see, one of my pet peeves with our industry is how abysmal we tend to be at learning from our mistakes. Rather than blithely charging forward only to repeat those mistakes, le......
[more] Three lessons for businesses from the Google attack The cyberattacks against Google and more than 30 other technology companies by adversaries operating out of China highlights what some call the Advanced Persistent Threat (APT) confronting a growing number of U.S commercial entities. The term has been used for some time in government and military domains to describe targeted cyberattacks carried out by highly organized state-sponsored groups with deep technical skills and computing resources.
S......
[more] Social networking raises legal, regulatory issues for businesses Popular social networking sites, such as Facebook, Twitter, and LinkedIn, are causing a stir in the financial services community as well as other highly regulated industries as companies seek ways to control how the sites are used to communicate with potential clients and colleagues. Social networking sites have proved valuable for sales-lead generation, marketing and general broker-client relations, but regulators have been quick......
[more] Facebook IDs hacker who tried to sell 1.5M accounts Facebook has identified the hacker named Kirllos who tried to sell 1.5 million Facebook accounts recently in underground hacking forums. According to the investigators at the social networking site, he's guilty of both hacking and hyperbole. Kirllos was first spotted by researchers at VeriSign's iDefense group a few weeks after he claimed to have an unusually large number of Facebook accounts for sale at rock-bottom prices. According to VeriS......
[more] Security Manager's Journal: Without patch management, you are nothing. Does it all come down to patch management? As a security manager, I pursue many initiatives, striving to protect the company on many fronts. But patch management is a key metric of our risk exposure, since there is a direct correlation between security incidents and patch compliance. So, in a way, it does all come down to something as basic as patch management, because if we fail there, we can't be secure. Of course we have......
[more] Microsoft leads reactive effort to fight Internet fraud Fairly or not, the name Microsoft has become synonymous with insecure in some circles of the IT world. In a move that screams "we care about your security -- really!" the company has teamed up with the National Cyber-Forensics and Training Alliance (NCFTA) and other private and public groups to create Internet Fraud Alert (IFA), a system through which security researchers can quickly and securely report the discovery of stolen customer dat......
[more] The security issues associated with cloud computing in the public sector The adoption of cloud computing is causing significant concerns around privacy and security in the public sector. The benefits for cloud computing are very compelling, especially as the Government looks to the private sector for proven techniques to drive down back office costs, make the most of new technology and use new management practices to encourage efficiency. With plans to cut public sector expenditure by up to £60......
[more] This Facebook Password Will Self-Destruct in 20 Minutes Facebook members using unfamiliar computers to log on can now do so using disposable passwords, skirting security problems sometimes found on public PCs. If the member has a phone number registered with Facebook, he or she can request a temporary password via SMS that remains usable for just 20 minutes. Questions about the system's effectiveness have been raised, however. Facebook has unveiled new measures to keep members secure when they l......
[more] Facebook developers sold user information Facebook has banned developers from gathering and passing on any data to third parties, after it revealed some developers had been discovered selling user information to data brokers. Mike Vernal, a Facebook engineer, explained in a blog post that Facebook will change its policies to prevent the situation occurring again. "While we determined that no private user data was sold, and that the transfer of these user IDs did not give access to any priva......
[more] The new Facebook threat to business The Boy Billionaire, aka Facebook CEO Mark Zuckerberg, has done it again. His proposal to turn Facebook messaging into a sort of universal communications platform is probably the worst idea of the year. It's bad for the privacy of users and for corporate IT, which will have to deal with a huge spike in hard-to-defend Webmail. Ultimately, it may well be bad for Facebook, which will likely see its fairly pristine messaging service overrun by spammers and hackers......
[more] Is a next-generation firewall in your future? The traditional port-based enterprise firewall, now looking less like a guard and more like a pit stop for Internet applications racing in through the often open ports 80 and 443, is slowly losing out to a new generation of brawny, fast, intelligent firewalls. The so called next-generation firewall (NGFW) describes an enterprise firewall/VPN that has the muscle to efficiently perform intrusion prevention sweeps of traffic, as well as have awareness......
[more] Hackers avoiding encryption with memory scraping What's "pervasive memory scraping" and why is it considered by SANS Institute security researchers to be among the most dangerous attack techniques likely to be used in coming the coming year? Simply put, pervasive memory scraping is used by attackers who have gained administrative privileges to successfully get hold of personally identifiable information (PII) and other sensitive data held encrypted in a file system, according to Ed Sko......
[more] Key lessons to learn from Sony hacking troubles The relentless cyberattacks against Sony should have businesses planning now what they will do when they, too, run afoul of ideologically motivated adversaries, experts say. "This is punishment," says Josh Corman, a security analyst for the 451 Group, about the month long string of attacks against Sony websites. "Ideologically motivated adversaries show how tenacious and lengthy an attack can be. They will take it further than anyone......
[more]
