Home Archive RSS/XML Subscribe Shop

[ISN] Fighting hackers with Freeware [sans/shadow]

From: mea culpa <jericho_at_dimensional.com>
Date: Wed 22 Jul 1998 - 13:10:01 CDT
Forwarded From: Shaedow <whisper@tacd.com>
	
http://www.news.com/News/Item/0,4,24480,00.html?st.ne.ni.lh

Fighting hackers with freeware 
By Randy Weston
Staff Writer, CNET NEWS.COM
July 22, 1998, 8:10 a.m. PT 

Been hacked? Only the Shadow may know for sure.

The Shadow is the latest weapon in the ongoing war against hackers and the
first result of a new cooperative effort between government and private
industries to thwart computer break-ins and security breeches.

The product is an intrusion detection software system designed by a
consortium comprised of the Defense Department, private industry, and
security professionals. The Shadow is available for free to any U.S.
organization.

"The key problem is that hackers win because they cooperate and security
people don't," said a press release from the SANS Institute, an
educational group for systems administrators and network security
specialists. "It is time to begin the hard work of cooperating in search
of solutions."

That work is resulting in such products as the Shadow. The detection
device is already in use monitoring more than 40 known attack profiles in
incoming network traffic for more than 14,000 hosts.  According to the
SANS Institute, analysts using the tool have also found three new types of
attacks.

Features of the Shadow include the following: 

  Uses traffic analysis rather than content analysis to
  assure privacy for users.

  Monitors all ports for all protocols instead of just a few.

  Combines signature monitoring with statistical
  assessment which detects events that filters are
  unable to decode.

  Requires computing power that costs less than
  $10,000 which includes the large capacity disks
  needed to store massive amounts of data. 

Details about the Shadow including how to download and install it are
available by emailing the institute at info@san.org with the subject
SHADOW Description. The return email will also include agendas on two-day
training seminars for using the system, which begin July 24 in San
Francisco but are also being held in Orlando, Washington D.C., and New
York.


-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Wed Jul 22 17:53:13 1998
Google
 
Web www.infosecnews.org
© Copyright 2007 InfoSec News
Home Archive RSS/XML Subscribe Shop Privacy