Security Portal: Network Intrusion Detection Systems and Virus Scanners – are they the answer?

“It takes a lot less effort to destroy and break things, than it
takes to build and fix them. This is nowhere more evident then
computer networks. Corporations, governments, universities and
other organizations spend large sums of money on computer network
infrastructure, and the cost of keeping them running is not
trivial. And this doesn’t even take into consideration malicious
attacks and security controls which add even more cost to building
and maintaining a network of computers….”

“Directly related to anti-virus software is intrusion detection
software (sometimes refereed to as IDS or NIDS). I’m going to start
with a brief explanation of the various intrusion software
technologies and types since they overlap and can be somewhat
convoluted. As a rule of thumb the software has to run on a
computer system (that’s a pretty safe rule for most software
packages actually), and this machine can either be dedicated to the
task of monitoring the network and other systems, or the software
can be an additional component that runs on a production

Computer security doesn’t come in nice shrink wrapped box
for $99.95 (after a $50 rebate). Computer security is an ongoing
process, with constant re-evaluation and changes, as new threats
and solutions are released, you need to be able to react to them
Ideally vendors would ship software that was not
susceptible to viruses (this is possible), nor susceptible to
user/network/random events resulting in improper operation (like
giving someone a root shell remotely). This isn’t going to happen
for along time however (although there is a variety of hardening
software becoming available).”