[Back][Home][Search] [Image] [Image] [Image] [Bomb2] [Image] Alarming News For Hackers Rutrell Yasin: Just how effective are intrusion detection systems at locking hackers out of corporate networks? Early incidents suggest they are quite effective. Consider the case of a large financial services company that recently installed a beta version of CyberCop, one of the new breed of high-tech burglar alarms from Network Associates. Shortly after installing two sensor probes and a server-one sensor for the internal network, the other on the Internet link-security operators began to notice suspicious activity. "There were several incidents of DNS scans against us," said a security administrator at the company who requested anonymity. This was a clear sign that someone was trying to gain access to the network. A few days before Christmas, CyberCop picked up a TCP/IP hijacking attempt. Employees in the bank's mortgage finance group routinely access the Web site of a business partner. Someone from the partner's site attempted to come back into the bank's network using IP addressing information culled from IP sessions originating at the bank. Immediately, CyberCop blocked the site and the Webmaster at the business partner was contacted. Three hours later, however, "our firewall went into distress and we thought it was a hardware issue, like a network card failing." About five to 10 minutes later, the firewall was hit with a denial-of-service attack. CyberCop found this attack was coming from a different Web site than the one attempting to hijack TCP/IP sessions, which prompted operators to take action to block the site. CyberCop ships at the end of the month. It costs $8,995 per sensor. Other companies fielding high-tech burglar alarms include Axent Technologies, Internet Security Systems, Intrusion Detection Inc., Trusted Information Systems and the WheelGroup. Copyright (c) 1998 CMP Media Inc. [Bomb2] Infowar.Com & Interpact, Inc. WebWarrior@Infowar.Com Voice: 813.393.6600 Fax: 813.393.6361