TECH TIPS
Intrusion detection: Gathering evidence
Benjamin Vigil
07.23.2002
Rating: -3.14- (out of 5)
|
The first annual Security Decisions conference was held in Chicago last month. On the final day of the conference, back-to-back sessions were held on the topic of intrusion detection. The first presentation was conducted by information security specialist Jeff Posluns. Jeff discussed the technical issues behind intrusion detection, from IDS software to less common signs of intrusion. The second speaker was FBI supervisory special agent Walter Wright who discussed the legal issues involved after an intrusion has been detected.
Jeff Posluns began his presentation by discussing the variety of IDS software available, from freeware to commercial software, and what the different detection methods were and how they could be employed. Following is a list of the types of software available and some of Jeff's comments:
Jeff stressed that a combination of methods is usually best. In the second half of his presentation, Jeff discussed specific hacker methods and made a point to note there
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
are other places to look for intrusion detection evidence other than IDS software, such as:
Knowing how to detect an intrusion is great, but what if you are too late? FBI special agent Walter Wright's presentation explained the importance of building evidence against hackers. The FBI recognizes the threat of cyber crime and cyber terrorism. Agent Wright discussed the creation of the National Infrastructure Protection Center in his presentation. He also discussed the FBI's partnership initiative called Infraguard. Infraguard is a government/private sector alliance to share information about cyber threats. Visit the Infraguard Website to learn more about this program.
There will always be threats to your business' information, but even worse than a security breach is not knowing that you've been breached. Developing an intrusion detection system is essential to a secure organization.
About the author
Benjamin Vigil is a technical editor at SearchSecurity.
|
|
Rate this Tip
|
To rate tips, you must be a member of SearchSecurity.com.
Register now
to start rating these tips. Log in if you are already a member.
|
Submit a Tip
|
DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.
|
|
|
|
|
|
|
