Help is on its way for security professionals and the sysadmins they depend on to detect intrusions.
In December, the SANS Institute will publish a Sysadmin Cheat Sheet for Detecting Intruders, Ed Skoudis, security consultant
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
with International Network Services, told SearchSecurity. Skoudis is currently contributing to the project aimed at helping IT and security work together in the area of intrusion detection.
Skoudis said security needs the help of sysadmins when it comes to keeping systems patched and watching for abnormal behavior. "Sysadmins need to be the eyes and ears for the security people, because they can't touch everything," he said.
The cheat sheet is a one-page outline of tasks to aid sysadmins in detecting anomalous behavior, including how to look for unusual processes and ports. Sysadmins can go through the quick checklist on a daily or weekly basis, said Skoudis.
The document will be available for free download online, and companies will be able to add their logo and contact information for their incident response team before distributing to IT folks.
"The idea is that 90% of sysadmins don't really know what to do, and if they do know, they don't know where to call so they freelance it themselves," said Skoudis.
The Sysadmin Cheat Sheet for Detecting Intruders will be available in separate versions for Linux and Windows.