WildFire and FlowScape are powerful new tools for intrusion detection

The original network intruders were often misfit geeks operating from boredom or a need for thrills. As businesses went online, a new kind of intruder arose – a thief, poking around for credit card numbers or a chance to add another spam slave to the botnet.

This new breed of intruder brings a sophistication that takes the threat to the level of cyber attack. Well-funded and highly skilled criminal organizations can stake out a network for months, sometimes years, keeping constant watch and trying every trick they know until they find a way to slip past security. Many of these organizations aren't just looking for a single hit – they want to stay on the network for the long term and generate revenue by stealing financial data, medical data, and trade secrets.

This new style of attack is often classified under the general category of Advanced Persistent Threat (APT). In addition to sophisticated criminal organizations, some APT attackers are actually spy agencies for foreign governments. To counteract this kind of next-generation attack, networks need next-generation defense tools. In particular, if the attack is "always on," the defense has to be "always on." It isn't enough to monitor the perimeter and launch a forensic study when you happen on evidence that something is awry.

[...]
