An ID system gathers and analyses information from various areas within a computer or a network to identify possible security breaches, which include both intrusions (attacks from outside the organization) and misuse (attacks from within the organization).
intrusion detection functions include:
The safeguarding of security is becoming increasingly difficult, because the possible technologies of attack are becoming ever more sophisticated; at the same time, less technical ability is required for the novice attacker, because proven past methods are easily accessed through the Web.
Typically, an ID system follows a two-step process. The first procedures are host-based and are considered the passive component, these include: inspection of the system's configuration files to detect inadvisable settings; inspection of the password files to detect inadvisable passwords; and inspection of other system areas to detect policy violations.
The second procedures are network-based and are considered the active component: mechanisms are set in place to reenact known methods of attack and to record system responses.
Call us now
We would welcome the opportunity to discuss your requirements further. If we can be of any assistance to you, please contact us or one of our ad sponsors.
:: :: :: ::