Two Main Reasons for Vulnerabilities

Posted by arlene

Recall from earlier discussions that systems are usually compromised for one of two reasons:

Improper configuration by the vendor or by an administrator
Software bugs in software you purchase and in software you develop

Even the best preventative security tool will not meet your expectations if improperly configured. Firewall scans by consultants and security organizations such as ICSA […]

General Event Monitoring or Intrusion Detection

Posted by arlene

One of the consequences of acquisitions and mergers in the security industry is the maturing of security products so that they fit better into enterprise system management solutions. General event monitoring is one of the most useful components of a distributed management framework, such as Tivoli TME, which includes the Event Manager. Site administrators are […]

How CMDS Works

Posted by arlene

CMDS is best known for its statistical anomaly-detection approach, although CMDS also includes an expert system with pattern-matching signatures. Many early IDSs were written using rule-based expert systems, although this programming paradigm is not widely used today.

Analysis Modes

CMDS can analyze target node data in real time, batch, or on-demand modes. Each target runs a daemon […]

Is Stalker Right for You?

Posted by arlene

At the time this was written, the real-time, client-server, heterogeneous Stalker product was not available. Naturally, you should check the Network Associates Web site for the latest information. Many enhancements to Stalker have been planned and will roll out over time. Remember that batch reports are an important part of security monitoring. […]
