Linux Today: Linux News On Internet Time.

FreeOS.com: Intrusion Detection Systems for your network: Part I

Jan 29, 2001, 22:56 (1 Talkback[s])
(Other stories by Trevor Warren)

[ Thanks to Trevor Warren for this link. ]

"In this series, we will lay a framework that will help you understand the need for an Intrusion Detection System (IDS) and what security measures it would put in place. This includes measures that will help you conduct a postmortem on your system in case of breach of security measures either internally or externally."

"As a System administrator of a *NIX network it is your responsibility to ensure that your *NIX machines are running in perfect condition and to see to it that valuable customers and transactions are not lost, by minimizing the down time. This responsibility becomes even more pressurizing when we talk about today's scenario wherein smooth flow of high volume traffic is the need of the hour in most environments. It is a known fact that most big names in the business of E-Commerce hardware / software solutions, expect 99.99999 %(that's the five 9 concept) uptime...."

"In general, there are various options that you could choose from to sanitize your network. It may be a Firewall on your corporate gateway with a DMZ( De - Militarized Zone ) hosting your Web, Mail servers and databases or simply speaking it could be just a simple packet filtering Firewall."

"These security measure are meant to prevent unlawful entry into the local network and last but not the least, to also prevent unwanted access to your personal resources. Therefore, these measures only help by warding away the threats to your network. However, what about breaches in security measures that you already have put in place. Have you ever wondered as to how would you carry out a postmortem analysis of your infected system or your network whose security was just breached?"

Complete Story

Related Stories: