Slashdot Mirror


Network Intrusion Detection and Prevention?

c0dyd asks: "Lately, computer attacks have gained much popularity in the news; however, it is not often that we hear of new software, hardware or 'appliances' that combat malicious code attacks and data intrusions. Obviously, the need is present. I've searched thoroughly for network intrusion detection and prevention systems, but the choices and technologies seem somewhat limited or proprietary-- Snort appears an obvious open source solution for intrusion detection but many users may find it lacking in intrusion prevention capabilities. What do you, the experienced network admin, use for detecting intrusions on the network and how does your network react to those intrusions?"

15 of 264 comments

  1. How do I do my job? by smileyy · Score: 5, Funny

    Ask Slashdot: I've been wondering how to do my job. I figure other people out there have jobs too, and know how to do them. Maybe they can share their experiences, or even do my job for me!

    --
    pooptruck
    1. Re:How do I do my job? by op12 · Score: 2, Funny

      you never know what precious tidbit of information you might get

      Or how long you'll have to sort through the trolls/awful jokes to find it :)

  2. Ethereal by fsterman · Score: 5, Funny

    As soon as any Ethereal activity occurs I have a shell script flash the screen red where a trained monkey pulls out the cat-5 cable.

    --
    Is there anything better than clicking through Microsoft ads on Slashdot?
    1. Re:Ethereal by youknowmewell · Score: 2, Funny

      Damn, your monkey is smart. All my monkey does is chew on the cable!

    2. Re:Ethereal by airjrdn · Score: 2, Funny

      You should spank your monkey.

  3. My solution by DanThe1Man · Score: 4, Funny

    When I find an attacker getting into my company's network I start pulling my hair out and run around screaming "Aww! Aww! The crackers are taking over my network! Aww! Aww!"

    By the way, I just got laid off, does anyone need a Sys Admin?

  4. Re:intrusion detection by TobyWong · Score: 4, Funny

    Which who command would that be? The one that was on your system originally or the "new and improved" version I just put on there?

    BTW nice pr0n collection, your space lego photo series in particular is very kinky.

    --
    - Toby
  5. Trained Monkeys by Anonymous Coward · Score: 0, Funny

    I find the most effective solution to be an army of trained monkeys (similar to the trunk monkey (www.trunkmonkey.com)) who monitor my snort alerts and subsequently fling fecal matter at the would-be attackers. This may not stop the initial attack, but it generally prevents an attacker from coming back.

  6. The program of choice for all Network Admins is by jim_v2000 · Score: 4, Funny

    Obviously Norton Internet Security!

    Norton Internet Security provides a COMPLETE security solution for your machine by promptly blocking all programs on your machine from having any internet access, AT ALL! Buy it today!

    --
    Don't take life so seriously. No one makes it out alive.
  7. I know it's illegal, but by Rosco P. Coltrane · Score: 2, Funny

    what I'd really like is a network intrusion product that not only detects "bad guys" but also automatically retaliates, i.e. deluges said bad guy with ping floods, winnukes (yes I know, it's old), tries to root the bad guy's box and wipe the hard disk, or install backorifice, etc...

    I reckon if the majority of network admins did that, perhaps intruders would think twice about playing that game. Not to mention the feeling of satisfaction when (if) the intruder's box is trashed in real-time before his eyes :-)

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
    1. Re:I know it's illegal, but by Anonymous Coward · Score: 1, Funny

      Wow. You're even more of a stupid fuck than I thought you were, and that's an impressive feat to pull off.

  8. Re:ASL by alfrin · Score: 2, Funny

    14/f/cali
    You mean: 43/m/moms basement

  9. Re:Personalized Login System by Rosco P. Coltrane · Score: 4, Funny

    changing the login program to do something funky is enough to screw up any script.

    Even simpler: drop the user straight to a working shell. That way, scripts will wait for the "ogin:" and "assword:" strings indefinitely until the connection times out, and legit users won't even have to enter their logins. As for hackers, they'll see the "~$" prompt, won't believe their eyes, will think it's a clever trap or something, and they'll promptly disconnect out of paranoid fear :-)

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  10. Festival text to speech by HermanAB · Score: 2, Funny

    Well, you can always pipe your firewall log into Festival and make it talk to you...

    tail -f /var/log/messages |festival --tts

    --
    Oh well, what the hell...
  11. Re:IBM Has You Covered by vmcto · Score: 2, Funny

    I've seen that correlation engine...

    I believe it's in Bangalore...