Home > Ask the Security Experts > Network Security Questions & Answers > How hackers attack undetected
Ask The Security Expert: Questions & Answers
EMAIL THIS

How hackers attack undetected

Michael Gregg EXPERT RESPONSE FROM: Michael Gregg

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 16 September 2005
How can a hacker get into a network without being detected?

>
EXPERT RESPONSE

Hackers enter networks undetected in many different ways. Organizations often spend a lot of time and effort guarding against outside attackers while insiders may pose a bigger risk. If IDSes and controls focus on outsiders, insiders may be able to exceed their access level and remain undetected. Even if an attack originates from the outside, it may go unnoticed. Many security administrators are so overworked they may not be able to perform an in-depth analysis of their IDS logs. If the IDS isn't properly tuned, false-positives can occur and security administrators may miss an actual hacking attempt. An example of this is the PBS report concerning Moonlight Maze. These hacks and probes of computer systems at the Pentagon, NASA, Energy Department, private universities and research labs began in March 1998 and had been going on for nearly two years before being discovered.

More Information

  • Test your knowledge of intrusion detection and prevention systems with this quiz.

  • Attend this on-demand webcast and learn how to use IDS and IPS effectively.

  • Learn what some are doing to reduce the number of false positives in IDSes.

    		•

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Network Security
    What warning signs will indicate the presence of a P2P botnet?
    What reporting tools are available for an enterprise IDS?
    Is it possible to allow select access to IP addresses using Windows Server 2003?
    Is an IPsec VPN necessary when connecting remote servers that process financial transactions?
    What are best practices for creating an IDS and maintaining a signature database?
    What are the best ways to hide system information from network scanning software?
    What are the security risks of opening all the ports on an internal router?
    Will Cisco's plan to open access to the IOS improve network security?
    Will VoIP attacks result in more than just spam?
    Should enterprises implement a mandatory iPhone VPN?

    Network Intrusion Detection (IDS)
    Product review: AirDefense Enterprise 7.3
    What are best practices for creating an IDS and maintaining a signature database?
    Network intrusion prevention systems: Should enterprises deploy now?
    RSA 2008: Sourcefire founder Roesch previews Snort 3
    What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?
    Screencast: Opening up the Network Security Toolkit
    Can a firewall alone effectively block port-scanning activity?
    Should an intrusion detection system (IDS) be written using Java?
    What security risks do enterprise honeypots pose?
    What are the benefits of 'in-the-cloud' network security services?
    Network Intrusion Detection (IDS) Research

    Network Intrusion Prevention (IPS)
    IBM announcements mark two years of ISS marriage
    Product review: AirDefense Enterprise 7.3
    NitroSecurity covers its bases with RippleTech deal
    Network intrusion prevention systems: Should enterprises deploy now?
    If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?
    What security risks do enterprise honeypots pose?
    What are the benefits of 'in-the-cloud' network security services?
    What is a 'top-down' IPS sensor search?
    Is a 'self-defending network' possible?
    Best practices for purchasing an intrusion detection device
    Network Intrusion Prevention (IPS) Research

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    computer forensics  (SearchSecurity.com)
    Diffie-Hellman key exchange  (SearchSecurity.com)
    Einstein  (SearchSecurity.com)
    HIDS/NIDS  (SearchSecurity.com)
    intrusion detection  (SearchSecurity.com)
    network behavior analysis  (SearchSecurity.com)
    ultrasound  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    Targeted Security Channel Tips for Resellers, Integrators and Consultants
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts