Real Live People
The other type of IDS doesn't rely on fuzzy logic or predefined attack signatures. Instead, it relies on people! Yes, they still do exist when it comes to evaluating potential problems with your network systems, and in many ways they have an edge over a computer acting as the decision maker.
Counterpane is a good example of a company that builds an IDS that is installed in the corporate environment and then sends information about network activity (logs) back to an evaluation center, where trained personnel determine, over a period of time, whether you are experiencing any type of hacking activity. Although this arrangement is not nearly as quick as the computer-generated alert example above, it does eliminate the false positives that occur when the computer keeps telling you that you are under attack when you really aren't.
The idea is that a computer-generated system can be only so accurate when it comes to identifying hacking attempts against your networks and other systems. When you have a real, live person looking at your logs on a continuing basis, you have the assurance that a person, the best judge possible, is assessing how many access attempts are really taking place. If someone is indeed trying to break into your systems, then a service set up specifically to identify possible attacks is the best judge.
The whole idea is to make it possible to perceive that a bigger attack is coming down the line. Your best defense is having an expert who can inform you of possible problems when it really counts.
In a setup like this, the IDS company installs a machine inside your network which sends reports and information through a secure, encrypted channel back to the home office, where analysts review the data. The biggest worry most companies have is whether the IDS machine itself poses a risk: could a hacker gain entrance to the network through the very device designed to prevent breaches? The answer is that these servers are configured so that only authorized personnel can access them, and then only limited information pertaining to access activity and logs. The IDS machines themselves do not have access to the mission-critical data flowing across the network and therefore should not normally constitute a security vulnerability if compromised.
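
The design point above, a sensor that forwards only limited access-activity data to the evaluation center, sketched as an added example (it is not Counterpane's code and not part of the original article). The field names, sensor ID and key are assumptions; the encrypted channel itself (for example TLS) is assumed to be provided by the transport and is not shown.

```python
import hashlib
import hmac
import json

# Assumption: the only fields remote analysts need to judge access activity.
ALLOWED_FIELDS = ("ts", "src_ip", "dst_host", "service", "user", "outcome")

# Constructed sample events as a sensor might see them (documentation IP ranges).
SAMPLE_EVENTS = [
    {"ts": "2024-01-10T02:14:07Z", "src_ip": "198.51.100.23", "dst_host": "fileserver",
     "service": "ssh", "user": "root", "outcome": "failure", "payload": "raw session bytes"},
    {"ts": "2024-01-10T09:01:55Z", "src_ip": "192.0.2.10", "dst_host": "intranet",
     "service": "https", "user": "jdoe", "outcome": "success",
     "payload": "GET /payroll/q3.xls", "session_cookie": "constructed-value"},
]
SAMPLE_KEY = b"constructed-demo-key"  # hypothetical per-sensor shared secret


def minimise(event: dict) -> dict:
    """Keep allowlisted access-activity fields only; payloads never leave the sensor."""
    return {k: event[k] for k in ALLOWED_FIELDS if k in event}


def build_report(events: list, sensor_id: str, key: bytes) -> dict:
    """Sensor side: package minimised events with an HMAC-SHA256 tag."""
    body = json.dumps(
        {"sensor": sensor_id, "events": [minimise(e) for e in events]},
        sort_keys=True, separators=(",", ":"),
    )
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_report(report: dict, key: bytes) -> dict:
    """Evaluation-center side: reject reports that were forged or altered."""
    expected = hmac.new(key, report["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, report["tag"]):
        raise ValueError("report failed authentication")
    return json.loads(report["body"])


if __name__ == "__main__":
    report = build_report(SAMPLE_EVENTS, "sensor-01", SAMPLE_KEY)
    for event in verify_report(report, SAMPLE_KEY)["events"]:
        print(event)
```

Because the allowlist is applied before anything is queued for sending, a compromised sensor or an intercepted report exposes access metadata, not the business data that crossed the wire.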