Published by Dulcie White. Modified over 6 years ago.
Outline
- Securing your system before the IDS, and some tools to help you
- What is an IDS, and the two types of IDS
- How an IDS can help you and your company
First things first! Do yourself a favor before you deploy an IDS:
- Passwords and housekeeping
- Vulnerability scanners (SAINT scanning engine)
- Port scanners (Nmap)
Passwords
- Minimum length
- Both numbers and letters
- Lifespan (a maximum age after which the password must be changed)
- All accounts must have a password!
- Maintain good security practices; a policy that is not enforced is not a policy
Housekeeping
- Unauthorized accounts: every account should have an owner who can vouch for it; remove the rest
- Lifespan of accounts: disable or delete accounts that are no longer used
- Permissions: review users AND groups, since group membership grants access just as a user's own permissions do
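The password and housekeeping checks above, as one added audit script. This is not code from the presentation; the policy thresholds (MIN_LENGTH, MAX_PASSWORD_AGE_DAYS, MAX_INACTIVE_DAYS), the approved-account and admin lists, and the account records are constructed for the example, standing in for what an administrator would pull from /etc/passwd, /etc/shadow and /etc/group.

```python
"""Password-policy check and account housekeeping audit.

Added example for the password and housekeeping slides; it is not code
from the original presentation. Thresholds, the approved-account and
admin lists, and the sample records are constructed assumptions.
"""
import re
from datetime import date

# Constructed policy thresholds (assumptions, not values from the slides).
MIN_LENGTH = 12             # minimum password length
MAX_PASSWORD_AGE_DAYS = 90  # password lifespan
MAX_INACTIVE_DAYS = 60      # account lifespan: flag accounts unused this long
ADMIN_GROUP = "wheel"       # group that grants privileged access


def check_password_policy(password):
    """Return the policy rules a candidate password violates (empty list = OK)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not re.search(r"[A-Za-z]", password):
        problems.append("no letters")
    if not re.search(r"[0-9]", password):
        problems.append("no digits")
    return problems


def audit_accounts(accounts, approved, admins, today):
    """Housekeeping pass over account records.

    Each record mimics the fields an admin would pull from /etc/passwd,
    /etc/shadow and /etc/group: name, password hash ('' means no password,
    '!' or '*' means locked), date of last password change, date of last
    login (None = never) and group memberships. Returns (name, finding) pairs.
    """
    findings = []
    for acct in accounts:
        name = acct["name"]
        pw = acct["password_hash"]
        if pw == "":
            findings.append((name, "no password set"))
        if name not in approved:
            findings.append((name, "unauthorized account"))
        if pw not in ("", "!", "*"):
            age = (today - acct["last_changed"]).days
            if age > MAX_PASSWORD_AGE_DAYS:
                findings.append((name, "password %d days old" % age))
        last = acct["last_login"]
        if last is None or (today - last).days > MAX_INACTIVE_DAYS:
            findings.append((name, "never used or inactive"))
        if ADMIN_GROUP in acct["groups"] and name not in admins:
            findings.append((name, "unexpected %s membership" % ADMIN_GROUP))
    return findings


# Constructed sample data: a clean admin, a stale password, a service
# account with no password, and an account nobody approved.
TODAY = date(2024, 6, 1)
APPROVED = {"alice", "bob", "svc_backup"}
ADMINS = {"alice"}
ACCOUNTS = [
    {"name": "alice", "password_hash": "$6$salt$hashA", "last_changed": date(2024, 5, 1),
     "last_login": date(2024, 5, 30), "groups": ["users", "wheel"]},
    {"name": "bob", "password_hash": "$6$salt$hashB", "last_changed": date(2024, 1, 15),
     "last_login": date(2024, 5, 28), "groups": ["users"]},
    {"name": "svc_backup", "password_hash": "", "last_changed": date(2024, 3, 1),
     "last_login": None, "groups": ["backup"]},
    {"name": "mallory", "password_hash": "$6$salt$hashM", "last_changed": date(2024, 5, 20),
     "last_login": date(2024, 5, 31), "groups": ["users", "wheel"]},
]


def run_audit():
    return audit_accounts(ACCOUNTS, APPROVED, ADMINS, TODAY)


if __name__ == "__main__":
    for pw in ("correcthorse", "Tr0ub4dor&3xyz"):
        print(pw, "->", check_password_policy(pw) or "OK")
    for name, finding in run_audit():
        print("%-12s %s" % (name, finding))
```

Note that the privileged-group check is what catches mallory: the account has a password and a recent login, so a review of users alone would pass it; only reviewing group membership against the approved admin list reveals it.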
Vulnerability Scanners
"A computer program designed to search an application, computer or network for weaknesses." (Wikipedia)
SAINT Scanning Engine: the four steps of a SAINT scan
Step 1: Screens every live system on the network for TCP/UDP services.
Step 2: For each service it finds running, it launches a set of probes designed to detect anything that could allow an attacker to gain unauthorized access, cause a denial of service, or gain sensitive information about the network.
Step 3: The scanner checks the probe results for known vulnerabilities.
Step 4: When vulnerabilities are detected, the results are categorized in several ways (for example by severity), allowing customers to target the data they find most useful. The scanner can provide links to patches or new software versions that will eliminate the detected vulnerabilities.
Port Scanners
Although an open port can itself be a weakness, port scanners are treated separately here because they work differently from vulnerability scanners: they find what is listening rather than test it for flaws.
"A piece of software designed to search a network host for open ports. This is often used by administrators to check the security of their networks and by crackers to compromise it." (Wikipedia)
Nmap can tell you:
- All available hosts on the network
- What services (application name and version) those hosts are offering
- What operating systems (and OS versions) they are running
- What type of packet filters/firewalls are in use
- and more
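The scan-and-probe pipeline from the four SAINT steps above, together with the host/service discovery that a port scanner such as Nmap performs, as one added example. This is not SAINT's or Nmap's code. The two throw-away listeners on 127.0.0.1, their banners, the RULES table and the "remediation" hints are all constructed stand-ins for hosts on a real network and for a real scanner's check database.

```python
"""Scan-and-probe pipeline: sweep for live TCP services, probe each for
its banner, check the banner against a rule table, and categorise what
was found. Added example for the SAINT four-step and Nmap slides; it is
not SAINT's or Nmap's code. The listeners, their banners and the RULES
table are constructed stand-ins for hosts on a real network.
"""
import socket
import threading

HOST = "127.0.0.1"

# Constructed rule table: banner prefix -> (severity, issue, remediation hint).
RULES = {
    "SSH-2.0-OpenSSH_5.": ("high", "obsolete OpenSSH release (constructed rule)", "upgrade OpenSSH"),
    "220 demo-ftpd": ("medium", "cleartext FTP service (constructed rule)", "replace FTP with SFTP"),
}


def serve_banner(banner):
    """Start a throw-away listener that sends `banner` to each client.
    Stands in for a host on the network; returns the port it chose."""
    srv = socket.socket()
    srv.bind((HOST, 0))
    srv.listen(5)
    port = srv.getsockname()[1]

    def run():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            with conn:
                try:
                    conn.sendall(banner.encode())
                except OSError:
                    pass  # client (e.g. the sweep) already hung up

    threading.Thread(target=run, daemon=True).start()
    return port


def reserve_closed_port():
    """Pick a port nothing listens on, to show the closed-port case."""
    s = socket.socket()
    s.bind((HOST, 0))
    port = s.getsockname()[1]
    s.close()
    return port


def step1_sweep(host, ports, timeout=0.5):
    """Step 1: which candidate ports accept a TCP connection."""
    live = []
    for port in ports:
        try:
            socket.create_connection((host, port), timeout=timeout).close()
            live.append(port)
        except OSError:
            pass  # closed or filtered
    return live


def step2_probe(host, port, timeout=1.0):
    """Step 2: connect to a live service and read what it announces."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256).decode(errors="replace").strip()
        except socket.timeout:
            return ""  # service waits for the client to speak first


def step3_check(banner):
    """Step 3: match the banner against the rule table."""
    for prefix, rule in RULES.items():
        if banner.startswith(prefix):
            return rule
    return None


def step4_report(findings):
    """Step 4: group findings by severity so the most useful data is on top."""
    report = {}
    for port, banner, (severity, issue, fix) in findings:
        report.setdefault(severity, []).append(
            {"port": port, "banner": banner, "issue": issue, "fix": fix})
    return report


def scan(host, ports):
    """Run the four steps; returns (port -> banner, severity -> findings)."""
    services, findings = {}, []
    for port in step1_sweep(host, ports):
        banner = step2_probe(host, port)
        services[port] = banner
        rule = step3_check(banner)
        if rule:
            findings.append((port, banner, rule))
    return services, step4_report(findings)


def demo():
    """Three constructed services plus one closed port on loopback."""
    ports = [serve_banner("SSH-2.0-OpenSSH_5.3\r\n"),
             serve_banner("220 demo-ftpd ready\r\n"),
             serve_banner("SSH-2.0-OpenSSH_9.6\r\n"),
             reserve_closed_port()]
    return scan(HOST, ports)


if __name__ == "__main__":
    services, report = demo()
    for port, banner in sorted(services.items()):
        print("open %5d  %s" % (port, banner or "(no banner)"))
    for severity, items in report.items():
        for item in items:
            print("[%s] port %d: %s -> %s" % (severity, item["port"], item["issue"], item["fix"]))
```

Step 1 on its own is what a port scanner gives you (which ports answer); steps 2 to 4 are what turns that into a vulnerability scan. A banner is only a claim by the service, so a real scanner follows up with protocol-specific probes rather than trusting the version string alone.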
Now what? Ready to implement your IDS
- Host based (Tripwire, Log Surfer, MOM, Sebek): simpler; monitors activity on a single host, such as file changes and log entries
- Network based (Dragon, ManHunt, Snort): more involved; monitors the network and its traffic
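What a host-based tool of the Tripwire kind actually does, as an added example: take a baseline of every file's digest, size and permission bits while the host is known good, then compare a later snapshot against it. This is not Tripwire's code; the file tree and the tampering are constructed inside a temporary directory so the example runs anywhere.

```python
"""Host-based integrity monitoring in the style of Tripwire: record a
baseline of every file's digest, size and mode, then compare later.
Added example for the host-based IDS slide; it is not Tripwire's code.
The sample tree and the 'intrusion' changes are constructed in a temp dir.
"""
import hashlib
import os
import stat
import tempfile


def hash_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def take_baseline(root):
    """Snapshot digest, size and permission bits of each regular file under root."""
    baseline = {}
    for dirpath, _, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, etc.
            rel = os.path.relpath(path, root)
            baseline[rel] = {"sha256": hash_file(path),
                             "size": st.st_size,
                             "mode": stat.S_IMODE(st.st_mode)}
    return baseline


def compare(baseline, current):
    """Return (added, removed, changed); changed maps path -> attributes that differ."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = {}
    for rel in sorted(set(baseline) & set(current)):
        diffs = [k for k in ("sha256", "size", "mode") if baseline[rel][k] != current[rel][k]]
        if diffs:
            changed[rel] = diffs
    return added, removed, changed


def _write(root, rel, text, mode=0o644):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as f:
        f.write(text)
    os.chmod(path, mode)
    return path


def demo():
    """Build a small fake filesystem, baseline it, tamper with it, re-check."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "etc/passwd", "root:x:0:0:root:/root:/bin/bash\n")
        _write(root, "etc/motd", "Authorised users only.\n")
        _write(root, "bin/ls", "#!/bin/sh\necho ls\n", mode=0o755)
        baseline = take_baseline(root)  # taken while the host is known good

        # Constructed tampering: extra uid-0 user, world-writable binary,
        # dropped file, deleted banner.
        _write(root, "etc/passwd", "root:x:0:0:root:/root:/bin/bash\n"
                                   "eve:x:0:0::/:/bin/bash\n")
        os.chmod(os.path.join(root, "bin/ls"), 0o777)
        _write(root, "tmp/.backdoor", "#!/bin/sh\n# constructed placeholder\n", mode=0o755)
        os.remove(os.path.join(root, "etc/motd"))

        return compare(baseline, take_baseline(root))


if __name__ == "__main__":
    added, removed, changed = demo()
    print("added:  ", added)
    print("removed:", removed)
    print("changed:", changed)
```

The baseline is only as trustworthy as its storage: if an intruder can rewrite it, they can make their changes "expected". Keep it off the monitored host or on read-only media, which is why Tripwire signs its database.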
Snort “Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.”
Symantec ManHunt “28 January, Symantec Corp. (NASDAQ: SYMC), the world leader in Internet security, today announced that Symantec ManHunt is the first intrusion protection solution to be awarded Common Criteria Evaluation Assurance Level 3 (EAL3) certification. This prestigious certification assures customers that Symantec ManHunt, which was evaluated by Computer Sciences Corporation of Annapolis Junction, MD and validated by the National Information Assurance Partnership (NIAP), has gone through a long and rigorous testing process and conforms to standards sanctioned by the International Standards Organization.”
IDS Methods
- Signature analysis: similar to antivirus software; tries to match data traffic against patterns of known attacks. Misses anything it has no signature for.
- Statistical anomaly / protocol analysis: catches what signature analysis misses; compares traffic to a baseline of normal behaviour and alerts when a clipping level (the threshold set above that baseline) is exceeded. Catches novel activity, at the cost of false alarms when normal traffic shifts.
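The two methods from the slide above side by side, as an added example over constructed web-server log lines. It is not Snort's or any product's code. The signatures, the training counts used to build the baseline, the clipping level of mean plus three standard deviations, and the log format are all assumptions made for the example; the point it shows is that the low-rate injection attempt is caught only by the signature and the fast path-walker only by the rate baseline.

```python
"""Two IDS methods side by side over constructed web-server log lines:
signature analysis (pattern matching against known attack strings) and
statistical anomaly detection (per-source request rate compared with a
baseline, alerting above a clipping level). Added example for the IDS
methods slide; it is not Snort's or any product's code. The signatures,
the training counts and the log lines are constructed.
"""
import re
import statistics
from collections import Counter
from urllib.parse import unquote

# Constructed signatures. Requests are URL-decoded before matching so that
# percent-encoding alone does not evade the pattern.
SIGNATURES = [
    ("sql-injection-tautology", re.compile(r"(?i)'\s*or\s+'1'\s*=\s*'1")),
    ("path-traversal", re.compile(r"(?:\.\./){2,}")),
]


def signature_matches(uri):
    """Signature analysis: names of every pattern the decoded URI matches."""
    decoded = unquote(uri)
    return [name for name, rx in SIGNATURES if rx.search(decoded)]


class RateBaseline:
    """Statistical anomaly detection on requests per source per minute.

    fit() learns mean and standard deviation from clean traffic; a window is
    anomalous when its count exceeds the clipping level mean + k * stdev.
    """
    def __init__(self, k=3.0):
        self.k = k
        self.mean = self.stdev = None

    def fit(self, window_counts):
        self.mean = statistics.mean(window_counts)
        self.stdev = statistics.pstdev(window_counts)
        return self

    def clipping_level(self):
        return self.mean + self.k * self.stdev

    def is_anomalous(self, count):
        return count > self.clipping_level()


def parse(line):
    """'<timestamp> <src> <method> <uri> <status>' -> dict (constructed format)."""
    ts, src, method, uri, status = line.split()
    return {"minute": ts[:16], "src": src, "method": method, "uri": uri, "status": int(status)}


def detect(log_text, baseline):
    """Run both methods; returns signature hits and anomalous (src, minute) windows."""
    records = [parse(l) for l in log_text.splitlines() if l.strip()]
    hits = [(r["src"], r["uri"], signature_matches(r["uri"]))
            for r in records if signature_matches(r["uri"])]
    counts = Counter((r["src"], r["minute"]) for r in records)
    anomalies = [(src, minute, n) for (src, minute), n in sorted(counts.items())
                 if baseline.is_anomalous(n)]
    return {"signature_hits": hits, "anomalous_windows": anomalies}


# Constructed training data: requests per minute from ten clean windows.
TRAINING_COUNTS = [2, 4, 3, 5, 4, 2, 3, 5, 4, 3]

# Constructed log: a normal visitor, one low-rate injection attempt, and one
# source walking through admin paths fast enough to stand out.
LOG = """\
2024-06-01T10:00:01 10.0.0.5 GET /index.html 200
2024-06-01T10:00:07 10.0.0.5 GET /about.html 200
2024-06-01T10:00:31 10.0.0.5 GET /contact.html 200
2024-06-01T10:00:12 10.0.0.7 GET /login.php?user=admin'%20or%20'1'='1 200
2024-06-01T10:00:02 10.0.0.99 GET /admin/ 404
2024-06-01T10:00:03 10.0.0.99 GET /wp-login.php 404
2024-06-01T10:00:04 10.0.0.99 GET /phpmyadmin/ 404
2024-06-01T10:00:05 10.0.0.99 GET /backup/ 404
2024-06-01T10:00:06 10.0.0.99 GET /.git/config 404
2024-06-01T10:00:08 10.0.0.99 GET /server-status 403
2024-06-01T10:00:09 10.0.0.99 GET /console 404
2024-06-01T10:00:10 10.0.0.99 GET /manager/html 404
2024-06-01T10:00:11 10.0.0.99 GET /cgi-bin/ 404
"""


def run():
    return detect(LOG, RateBaseline(k=3.0).fit(TRAINING_COUNTS))


if __name__ == "__main__":
    result = run()
    for src, uri, names in result["signature_hits"]:
        print("signature", src, uri, names)
    for src, minute, n in result["anomalous_windows"]:
        print("anomaly  ", src, minute, "%d requests" % n)
```

With these training counts the clipping level works out to roughly 6.6 requests per minute, so the nine requests from 10.0.0.99 trip the anomaly check even though none of them matches a signature, while the single injection attempt from 10.0.0.7 sits well under the level and is found only by the signature. Lowering k catches more but raises the false-alarm rate; the baseline must also be re-learned when legitimate traffic patterns change.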
References
- www.tripwire.com
- www.insecure.org/nmap