Wednesday, March 29, 2006

So, What are Intrusion Detection Systems

So, What are Intrusion Detection Systems? by Rob Lamper

Intrusion Detection System (IDS) are becoming a very important part of any strategy for enterprise

security. But what are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:

"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems are looking for suspicious activity and monitor the packets. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.

Who wants to breaking into your system?

One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are a lot of ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.


How does one stop intrusions?

There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.


Open Source Intrusion Detection Systems


Below are a few of the open source intrusion detection systems:


AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."


File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."


Snort (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."

Commercial Intrusion Detection Systems

If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:

Tripwire

http://www.tripwire.com


Touch Technology Inc (POLYCENTER Security Intrusion Detector)

Http://www.ttinet.com


Internet Security Systems (Real Secure Server Sensor)

http://www.iss.net


eEye Digital Security (SecureIIS Web Server Protection)

http://www.eeye.com

Rob Lamper
Computer Security 2006

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More Software Articles

Software RSS Feed

Posted by Editor at 1:29 PM

PHP, SEO, And Spiders - Oh My

PHP, SEO, And Spiders - Oh My! by Ian Wilson

Dynamic database-driven sites have become very popular, and relatively easy to set up and administer, through the use of Content Management Systems (CMS) and PHP server-side scripting. It's also possible to create a fancy-looking site with little actual content, or automatically generated code that can harm your SEO, such as multiple URLs that display identical content.

Search engines are constantly evolving and adapting in response to changes in the way information is presented on the web. Strategies that were once necessary to ensure inclusion of PHP pages are no longer required.

It was once helpful to generate a static HTML version of a PHP page so that all the "includes" could be indexed. Now search spiders "see" all the content on a PHP page, the same way it is viewed in a browser.

It used to be prudent to avoid dynamic URLs containing "? & =" - now, the search engines list URLs with the dynamic variables. However, it is best to compose them with no more than three variables. Some variable-laden URLs may be listed, but without any accompanying content/description, in the search results... Stay tuned for further developments as the search engines refine their methods.

With many hosts running the popular Apache server, developers are expanding the use of PHP by modifying the .htaccess file to allow PHP code processing within HTML documents, and enabling shorter URLs with fewer variables by configuring httpd.conf. Your web hosting provider's support team should be able to tell you if these features are available for your site.

Implementing a common-sense approach to SEO for your PHP site requires cooperation and coordination among the developer, webmaster, and web host. Beware of "SEO Experts" with "secret methods" and "guaranteed results" - gimmicks that kludge the search spider today might hurt your ranking tomorrow.

A descriptive and catchy page title is one of the key elements of SEO - whether or not your site uses PHP - since it becomes the linked title of your search engine listing. Use the name of your site in the title to encourage branding, along with a brief capsule about the specific page. Remember that the title displays at the top of the browser window and in the menu bar, so keep it brief, less than 160 characters. Avoid using identical titles on multiple pages (this can easily happen with dynamically generated titles) because they may not be listed individually, and if they are listed separately, it's confusing. Meta tags for description and keywords have become less crucial to SEO - but that doesn't mean you should forget about them.

The basic principles of SEO that apply to static HTML sites also apply to dynamic PHP sites:

● Provide engaging and valuable content presented in an attractive design.

● Code should be error-free and standards-compliant.

● Use keywords appropriate to your subject matter - don't be tempted to use "tricks" that might end up hurting your search engine listing.

● Encourage repeat visits with frequent updates, interactive features, membership sign-up, opt-in newsletters and, if appropriate, "freebies" - contests, giveaways, downloads and other resources.

● Encourage linking to your site with copy & paste code. Reciprocal links build partnerships and enhance page rank, but avoid hosting bulky "link farms" and other venues for worthless web site spam.

● Make use of tools provided by the search engines, such as creating a sitemap.

● Educate yourself by reading the search engine faqs, as well as by perusing some independent forums for SEO tips and methods.

Here are a few resources for further information:

Optimizing Dynamic Content

http://www.highrankings.com/issue065.htm#seo

Building Dynamic Pages With Search Engines in Mind

http://phpbuilder.com/columns/tim20000526.php3

High Rankings(r) Search Engine Optimization Forum > Technobabble > Dynamically Generated Site Issues

http://www.highrankings.com/forum/index.php?s=c5e371a3bec60ac7e650447c430abfd4&showforum=25

Digital Point Forums > Marketing > Search Engine Optimization > PHP, HTML does it matter?

http://forums.digitalpoint.com/showthread.php?t=53280

Parsing PHP in .html Files

http://www.desilva.biz/php/phpinhtml.html

Ian Wilson is a support analyst, specializing in coding and system administration, for Apollo Hosting. Apollo Hosting provides website hosting, ecommerce hosting, vps hosting, and web design services to a wide range of customers.

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More PHP Articles

PHP RSS Feed

Posted by Editor at 1:20 PM

Subscribe to: Posts (Atom)