An Intrusion Detection System (IDS) employs a combination of hardware and software products to analyze network traffic. The software analyzes and checks known patterns of traffic and ferrets out activity it suspects is malicious. A sophisticated IDS can even automatically terminate a connection and send an alert to the admin the minute it detects suspicious activity.

An IDS is employed mainly by companies to detect various types of malicious behavior, primarily arriving through the Internet, that can place their networked computers at grave risk. It detects any kind of attack on network systems or on software, as well as unofficial and unauthorized logins and access to critical documents.

Intrusion detection schemes fall into one of the following categories:

Anomaly IDS - these systems look for behavior and traffic that is not regular.

Misuse IDS - these scout for Internet behavior that matches a known attack scenario whose characteristics are already stored in the IDS; the stored characteristics are compared with real-time system behavior.

There is another type of IDS called a network-based intrusion detection system (NIDS). These systems monitor packets of data on the network and scout for malicious activity. Such a system can monitor several computers on a network at one time, and this sets it apart from other types of IDS, which can usually monitor only one computer at a time.

So, Who's Trying to Break Into the Company's Network?

You will be surprised to learn that a company's computers are more at risk from its employees than from outside hackers! Corporate America thrives in an extremely competitive environment, and competitors will pay top dollar if they can lay their hands on critical data. Also, employees are job-hopping all the time or setting up their own ventures, so if they can get their hands on valuable data free of charge, it will do them a lot of good - and the company a lot of harm.

How Do Intruders Attack the System?

The easiest method for an insider to break into a system is to gain physical access to it. In companies, it is very difficult to stop employees from gaining access to a computer system located anywhere in the office.

Also, the employee wanting to break into a system may already be computer-savvy and may know how to hack into systems. All he has to do is employ the usual tricks of the hacking trade to gain access to any system on the office network.

Finally, sophisticated hackers operating from a remote location can also break into a company's network. Such remote hacking methods are tough to detect and complex to fight.

How Do I Get an IDS?

Developers affiliated with the open-source movement have built a few IDSs that are available free of cost. Here are their details:

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire - a semi-free IDS. AIDE is an efficient IDS, and new as well as old users of Tripwire must try it out.

File System Saint (FSS) is another open-source IDS that is available for download at:

FSS too works like Tripwire - it is lightweight, is developed in the Perl language, and works on any platform that runs Perl.

Snort is yet another open-source IDS that started off small but has matured considerably. It detects intrusions into a network based on rules, combining the benefits of signature-, protocol- and anomaly-based inspection methods. You can get Snort here:

Commercial IDS

If you want a commercial Intrusion Detection System, then you must consider Tripwire or Polycenter Security Intrusion Detector - both of these IDSs have garnered a formidable reputation in the market.
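The two detection schemes described above (anomaly and misuse) behave quite differently on the same traffic. The Python below is an added example written for this page, not code from the page or from any product it names: a toy detector of each kind run over constructed connection records. Every host, port, request snippet and signature in it is made up for the illustration.

```python
"""Toy anomaly IDS and misuse (signature) IDS run side by side.

Added example: not the page's code and not any real product's engine.
All hosts, ports, request snippets and signatures below are constructed.
"""
import re
from collections import defaultdict

# Training set: connection records captured while the network behaved normally.
# Each record is (source host, destination port, request snippet).
TRAINING_EVENTS = [
    ("10.0.0.5", 443, "GET /index.html"),
    ("10.0.0.5", 80, "GET /news"),
    ("10.0.0.7", 443, "GET /about.html"),
    ("10.0.0.9", 443, "GET /products"),
    ("10.0.0.9", 80, "GET /index.html"),
    ("10.0.0.20", 22, "SSH-2.0-OpenSSH_8.9"),
]

# Observed set: the same network later, with two events worth catching in it.
OBSERVED_EVENTS = [
    ("10.0.0.5", 443, "GET /index.html"),
    ("10.0.0.9", 443, "GET /cgi-bin/view.cgi?file=../../../etc/passwd"),  # known attack pattern
    ("10.0.0.12", 21, ""),   # one host touching far more ports than any host did in training
    ("10.0.0.12", 22, ""),
    ("10.0.0.12", 23, ""),
    ("10.0.0.12", 25, ""),
    ("10.0.0.12", 80, "GET /"),
    ("10.0.0.12", 443, ""),
    ("10.0.0.12", 3389, ""),
]

# Misuse IDS: the characteristics of known attack scenarios, stored as patterns.
SIGNATURES = [
    ("directory traversal", re.compile(r"\.\./")),
    ("shell metacharacter in request", re.compile(r"[;|`]")),
]


def misuse_detect(events):
    """Compare every event against the stored signatures.
    Returns (event index, source host, signature name) for each match."""
    hits = []
    for i, (src, _port, snippet) in enumerate(events):
        for name, pattern in SIGNATURES:
            if pattern.search(snippet):
                hits.append((i, src, name))
    return hits


def _ports_per_host(events):
    """Map each source host to the set of destination ports it contacted."""
    per_host = defaultdict(set)
    for src, port, _snippet in events:
        per_host[src].add(port)
    return per_host


def learn_baseline(training_events):
    """Anomaly IDS, learning phase: record what counts as 'regular' traffic here."""
    per_host = _ports_per_host(training_events)
    return {
        "known_ports": {port for _src, port, _snippet in training_events},
        "max_fanout": max(len(ports) for ports in per_host.values()),
    }


def anomaly_detect(baseline, events):
    """Anomaly IDS, detection phase: {source host: reason} for every host whose
    traffic departs from the learned baseline."""
    findings = {}
    for src, ports in _ports_per_host(events).items():
        unknown = ports - baseline["known_ports"]
        if len(ports) > baseline["max_fanout"]:
            findings[src] = (f"contacted {len(ports)} distinct ports; no host contacted "
                             f"more than {baseline['max_fanout']} during training")
        elif unknown:
            findings[src] = f"contacted ports never seen during training: {sorted(unknown)}"
    return findings


if __name__ == "__main__":
    for index, src, name in misuse_detect(OBSERVED_EVENTS):
        print(f"misuse  : event {index} from {src} matches '{name}'")
    for src, reason in anomaly_detect(learn_baseline(TRAINING_EVENTS), OBSERVED_EVENTS).items():
        print(f"anomaly : {src} {reason}")
```

Run as a script, the misuse detector reports only the traversal request from 10.0.0.9 (it has a signature for that and none for a port sweep), while the anomaly detector reports only 10.0.0.12 (seven distinct ports where no host used more than two during training; the traversal request rides on a port that is perfectly regular). That gap is why the page describes Snort as combining signature, protocol and anomaly inspection rather than relying on one of them.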
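AIDE, Tripwire and FSS belong to the host-based family the page lists under "How Do I Get an IDS?": they record a baseline of each file's hash, size and permission bits and later report what was added, removed or changed. The Python below is an added example of that technique written for this page, not code from AIDE, Tripwire or FSS. It builds a throwaway directory tree, snapshots it, tampers with it and reports the differences; all file names and contents are constructed, and it assumes a POSIX file system where permission bits are meaningful.

```python
"""Minimal file-integrity checker in the style of AIDE / Tripwire / FSS.

Added example written for this page; not code from any of those projects.
The directory tree, file names and contents are constructed on the fly.
"""
import hashlib
import os
import stat
import tempfile
from pathlib import Path


def fingerprint(path: Path) -> dict:
    """Record the attributes a tamper would change: content hash, size, permission bits."""
    st = path.lstat()
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return {"sha256": digest.hexdigest(), "size": st.st_size, "mode": stat.S_IMODE(st.st_mode)}


def snapshot(root: Path) -> dict:
    """Fingerprint every regular file under root, keyed by POSIX-style relative path.
    A real tool signs this database or keeps it off-box so an intruder cannot rewrite it."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            if path.is_file() and not path.is_symlink():
                db[path.relative_to(root).as_posix()] = fingerprint(path)
    return db


def compare(baseline: dict, current: dict) -> dict:
    """Report what appeared, disappeared or changed since the baseline was taken."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = {}
    for rel in sorted(set(baseline) & set(current)):
        diffs = [k for k in ("sha256", "size", "mode") if baseline[rel][k] != current[rel][k]]
        if diffs:
            changed[rel] = diffs
    return {"added": added, "removed": removed, "changed": changed}


def demo() -> dict:
    """Constructed scenario: baseline a throwaway tree, tamper with it, run the check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "etc").mkdir()
        (root / "bin" / "login").write_bytes(b"original login binary\n")
        (root / "etc" / "passwd").write_text("root:x:0:0:root:/root:/bin/sh\n")
        (root / "etc" / "motd").write_text("welcome\n")
        (root / "etc" / "motd").chmod(0o644)  # fix the mode so the baseline is umask-independent
        baseline = snapshot(root)

        # Four kinds of tampering. The replaced binary has exactly the same size as
        # the original, so only the hash exposes it; a size-only check would miss it.
        (root / "bin" / "login").write_bytes(b"replaced login binary\n")
        (root / "etc" / "motd").chmod(0o600)                    # permission bits only
        (root / "etc" / "rc.local").write_text("#!/bin/sh\n")   # new file
        (root / "etc" / "passwd").unlink()                      # file removed
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    report = demo()
    for kind in ("added", "removed", "changed"):
        print(f"{kind}: {report[kind]}")
```

The check is only as trustworthy as the baseline: it has to be taken from a known-good system and stored where the host being watched cannot silently overwrite it, which is the part of the job that AIDE and Tripwire put real effort into and this sketch leaves out.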