Click Here!
home account info subscribe login search My ITKnowledge FAQ/help site map contact us


 
Brief Full
 Advanced
      Search
 Search Tips
To access the contents, click the chapter and section titles.

Intrusion Detection: Network Security beyond the Firewall
(Publisher: John Wiley & Sons, Inc.)
Author(s): Terry Escamilla
ISBN: 0471290009
Publication Date: 11/01/98

Bookmark It

Search this book:
 
Previous Table of Contents Next


Are You Done Yet?

Nope. In this chapter, you saw how scanners can look for vulnerabilities either locally on a node or by remote testing for weaknesses. Recall that the two primary ways a hacker gains access are through the following:

  A configuration error by the vendor supplying a product or by the administrator running the system (or in some cases via user mistakes)
  A software bug

Scanners look for these types of weaknesses in your systems by examining configuration data or by attempting to exploit a vulnerability. Relative to other IDSs, the distinguishing feature of vulnerability scanners is that they run occasionally, rather than constantly.

Before you get too excited about scanners, you should remind yourself that they are software products, too. Security vendors are generally more attentive to good programming practices, so hopefully the likelihood of a buffer overflow attack against your scanner is small. However, the vulnerability assessment will detect only the things it is configured to scan. If the administrator does not set up and configure the scanner properly, hackers will continue to operate undetected.

Although scanners are a necessary tool in your environment, they are not sufficient for a complete security solution. The missing feature is real-time detection of attacks as they occur. In the next chapter, you’ll see how system-level IDSs supplement scanners at your sites.


Previous Table of Contents Next


Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home

Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited.