Intrusion Detection Systems - IT Library : ZDNet Asia

White Papers

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Penetration Testing: How to Reveal Vulnerabilities in Hours Rather than Weeks 2005-11-01 13:32:02

Information security managers and directors are faced with the enormous responsibility of keeping Web applications secure from the menace of hackers. The solution is automated security assessment products that leverage stateful processing to comprehensively examine Web applications and reveal vulnerabilities in hours rather than weeks. Download this white paper from Cenzic to learn more about the benefits of its Stateful Assessment technology.

Evaluations of Host-Based Intrusion Prevention Systems (HIPS): Sana's Primary Response and Cisco's Cisco Security Agent 2005-09-01 03:00:04 MITRE

As part of the Federal Aviation Administration's (FAA's) "Intrusion Quarantine" project, the MITRE Corporation's Center for Advanced Aviation System Development (CAASD) conducted an evaluation of two products, Sana's Primary Response and Cisco's Cisco Security Agent (CSA). These two products were selected as examples of Host-based Intrusion Prevention System (HIPS) technology that showed promise of meeting the Intrusion Quarantine project goals.

Sequence Number-Based MAC Address Spoof Detection 2006-06-29 02:25:39 Stony Brook University

The exponential growth in the deployment of IEEE 802.11-based Wireless LAN (WLAN) in enterprises and homes makes WLAN an attractive target for attackers. Spoofing is possible because the IEEE 802.11 standard does not provide per-frame source authentication, but can be effectively prevented if a proper authentication is added into the standard. Unfortunately, it is unlikely that commercial WLANs will support link-layer source authentication that covers both management and control frames in the near future. This paper proposes an algorithm to detect spoofing by leveraging the sequence number field in the link-layer header of IEEE 802.11 frames, and demonstrates how it can detect various spoofing without modifying the APs or wireless stations.

Zombies: The Digital Undead 2006-01-31 14:13:53

A zombie is a computer that has been compromised by attackers, typically for the purpose of sending spam e-mail and viruses to literally millions of recipients. These zombies strike fear into the hearts of IT personnel responsible for maintenance of corporate networks, and particularly those charged with protecting and ensuring the availability of vital corporate e-mail systems. Today's hackers (the "zombie masters") have become so sophisticated that they have begun creating coordinated networks of zombie computers that can launch a full-scale attack at a moment's notice. Like the living dead, armies of "zombie" computers are disrupting corporate networks and sucking the life out of business-critical systems around the world.

Some basic tenets of security should be followed at all times, whether you want to protect your enterprise network from spam, viruses and DDoS attacks spewed forth by zombie networks, or protect your home computer from joining the ranks of the undead. Download CipherTrust's free white paper, "Zombies: The Digital Undead" to learn how we've zeroed in on zombies, and your organization could reap the benefits.

TippingPoint Intrusion Prevention Systems Data Sheet 2005-06-01 3Com

Intrusion Detection Systems, by definition, only detect and do not block unwanted traffic. The TippingPoint IPS operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, TippingPoint optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical. TippingPoint's high performance and extraordinary intrusion prevention accuracy have redefined network security, and fundamentally changed the way people protect their organization.

Trojan Defence: A Forensic View 2005-05-14 03:00:01 7Safe Information Security

The Trojan defence; �I didn�t do it, someone else did�� myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward a set of processes to aid forensic practitioners in this complex and difficult area. Part I examines the Trojan defence, how Trojan horses are constructed and considers the collection of volatile data. Part II takes this further by investigating some of the forensic artefacts and evidence that may be found by a forensic practitioner and considers how to piece together the evidence to either accept or refute a Trojan defence.

Non-Control-Data Attacks Are Realistic Threats 2006-04-04 03:32:00

Most memory corruption attacks and Internet worms follow a familiar pattern known as the control-data attack. Hence, many defensive techniques are designed to protect program control flow integrity. The key contribution of this paper is to show that non-control-data attacks are realistic. The paper demonstrates that many real-world applications, including FTP, SSH, Telnet, and HTTP servers, are vulnerable to such attacks. In each case, the generated attack results in a security compromise equivalent to that due to the control data attack exploiting the same security bug. Non-control-data attacks corrupt a variety of application data including user identity data, configuration data, user input data, and decision-making data. This paper emphasizes the importance of future research efforts to address this realistic threat.

Intrusion Prevention: A Proactive Approach to Network Security 2006-01-17 08:26:35

With the growing implementation of Intrusion Prevention System (IPS) technology, which is designed to proactively detect and block malicious traffic before it can reach the network, it is increasingly important for enterprises to make sure they correctly design, deploy, and maintain this solution or risk blocking mission-critical traffic. This white paper describes considerations for implementing a successful IPS solution, which will actually remove these concerns that can potentially eat up valuable resources and, more importantly, your profits.

V-Secure Aims to Stop Intrusion Attacks 2006-04-27 05:56:38

No small business owner enjoys the countless intrusions in any given workday, annoying interruptions that keep you from being productive and efficient. But those daily disturbances are nothing when compared to the digital intrusions waiting to assault the network and - literally - bring the business to a crashing halt. Intrusions are computer attacks that typically come from outside the organization usually with the intention of crashing the network, hijacking the computing power to attack other servers or to mine personal information such as credit card numbers from the network. V-Secure, a Saddle Brook, N.J.-based company aims to keep intrusions from breaching small business networks with its combination hardware and software Intrusion Prevention Systems (IPS).

Engineering e-Business Applications for Security 2005-10-10 13:43:25

Without on-demand security there's no on-demand business.

Today e-business applications provide critical links among businesses, customers, and partners. Any vulnerability translates quickly into loss of revenue, confidence, and trust.

Traditionally, businesses have focused their IT security strategies on protection of network perimeter and access control to the application system environment. In light of the wide spectrum of threats and vulnerabilities to e-business application programs, these measures are simply inadequate. Find out what steps you can take to be prepared and secure.

Jump to 1 2 3 4 5 6 [7] 8 9 10

Title	Date Added	Company
Penetration Testing: How to Reveal Vulnerabilities in Hours Rather than Weeks	2005-11-01 13:32:02
Information security managers and directors are faced with the enormous responsibility of keeping Web applications secure from the menace of hackers. The solution is automated security assessment products that leverage stateful processing to comprehensively examine Web applications and reveal vulnerabilities in hours rather than weeks. Download this white paper from Cenzic to learn more about the benefits of its Stateful Assessment technology.
Evaluations of Host-Based Intrusion Prevention Systems (HIPS): Sana's Primary Response and Cisco's Cisco Security Agent	2005-09-01 03:00:04	MITRE
As part of the Federal Aviation Administration's (FAA's) "Intrusion Quarantine" project, the MITRE Corporation's Center for Advanced Aviation System Development (CAASD) conducted an evaluation of two products, Sana's Primary Response and Cisco's Cisco Security Agent (CSA). These two products were selected as examples of Host-based Intrusion Prevention System (HIPS) technology that showed promise of meeting the Intrusion Quarantine project goals.
Sequence Number-Based MAC Address Spoof Detection	2006-06-29 02:25:39	Stony Brook University
The exponential growth in the deployment of IEEE 802.11-based Wireless LAN (WLAN) in enterprises and homes makes WLAN an attractive target for attackers. Spoofing is possible because the IEEE 802.11 standard does not provide per-frame source authentication, but can be effectively prevented if a proper authentication is added into the standard. Unfortunately, it is unlikely that commercial WLANs will support link-layer source authentication that covers both management and control frames in the near future. This paper proposes an algorithm to detect spoofing by leveraging the sequence number field in the link-layer header of IEEE 802.11 frames, and demonstrates how it can detect various spoofing without modifying the APs or wireless stations.
Zombies: The Digital Undead	2006-01-31 14:13:53
A zombie is a computer that has been compromised by attackers, typically for the purpose of sending spam e-mail and viruses to literally millions of recipients. These zombies strike fear into the hearts of IT personnel responsible for maintenance of corporate networks, and particularly those charged with protecting and ensuring the availability of vital corporate e-mail systems. Today's hackers (the "zombie masters") have become so sophisticated that they have begun creating coordinated networks of zombie computers that can launch a full-scale attack at a moment's notice. Like the living dead, armies of "zombie" computers are disrupting corporate networks and sucking the life out of business-critical systems around the world. Some basic tenets of security should be followed at all times, whether you want to protect your enterprise network from spam, viruses and DDoS attacks spewed forth by zombie networks, or protect your home computer from joining the ranks of the undead. Download CipherTrust's free white paper, "Zombies: The Digital Undead" to learn how we've zeroed in on zombies, and your organization could reap the benefits.
TippingPoint Intrusion Prevention Systems Data Sheet	2005-06-01	3Com
Intrusion Detection Systems, by definition, only detect and do not block unwanted traffic. The TippingPoint IPS operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded. In fact, TippingPoint optimizes the performance of good traffic by continually cleansing the network and prioritizing applications that are mission critical. TippingPoint's high performance and extraordinary intrusion prevention accuracy have redefined network security, and fundamentally changed the way people protect their organization.
Trojan Defence: A Forensic View	2005-05-14 03:00:01	7Safe Information Security
The Trojan defence; �I didn�t do it, someone else did�� myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward a set of processes to aid forensic practitioners in this complex and difficult area. Part I examines the Trojan defence, how Trojan horses are constructed and considers the collection of volatile data. Part II takes this further by investigating some of the forensic artefacts and evidence that may be found by a forensic practitioner and considers how to piece together the evidence to either accept or refute a Trojan defence.
Non-Control-Data Attacks Are Realistic Threats	2006-04-04 03:32:00
Most memory corruption attacks and Internet worms follow a familiar pattern known as the control-data attack. Hence, many defensive techniques are designed to protect program control flow integrity. The key contribution of this paper is to show that non-control-data attacks are realistic. The paper demonstrates that many real-world applications, including FTP, SSH, Telnet, and HTTP servers, are vulnerable to such attacks. In each case, the generated attack results in a security compromise equivalent to that due to the control data attack exploiting the same security bug. Non-control-data attacks corrupt a variety of application data including user identity data, configuration data, user input data, and decision-making data. This paper emphasizes the importance of future research efforts to address this realistic threat.
Intrusion Prevention: A Proactive Approach to Network Security	2006-01-17 08:26:35
With the growing implementation of Intrusion Prevention System (IPS) technology, which is designed to proactively detect and block malicious traffic before it can reach the network, it is increasingly important for enterprises to make sure they correctly design, deploy, and maintain this solution or risk blocking mission-critical traffic. This white paper describes considerations for implementing a successful IPS solution, which will actually remove these concerns that can potentially eat up valuable resources and, more importantly, your profits.
V-Secure Aims to Stop Intrusion Attacks	2006-04-27 05:56:38
No small business owner enjoys the countless intrusions in any given workday, annoying interruptions that keep you from being productive and efficient. But those daily disturbances are nothing when compared to the digital intrusions waiting to assault the network and - literally - bring the business to a crashing halt. Intrusions are computer attacks that typically come from outside the organization usually with the intention of crashing the network, hijacking the computing power to attack other servers or to mine personal information such as credit card numbers from the network. V-Secure, a Saddle Brook, N.J.-based company aims to keep intrusions from breaching small business networks with its combination hardware and software Intrusion Prevention Systems (IPS).
Engineering e-Business Applications for Security	2005-10-10 13:43:25
Without on-demand security there's no on-demand business. Today e-business applications provide critical links among businesses, customers, and partners. Any vulnerability translates quickly into loss of revenue, confidence, and trust. Traditionally, businesses have focused their IT security strategies on protection of network perimeter and access control to the application system environment. In light of the wide spectrum of threats and vulnerabilities to e-business application programs, these measures are simply inadequate. Find out what steps you can take to be prepared and secure.

Security

Featured Whitepapers

Member Login

Oracle Technology Solutions for Midsize Businesses

Industry Report: Financial Services