[ISN] Fighting hackers with Freeware [sans/shadow]

From: mea culpa (jerichot_private)
Date: Wed Jul 22 1998 - 11:10:01 PDT

  • Next message: mea culpa: "[ISN] Warning: New Virus (Win95.CIH) - Potentially Damages BIOS"

    Forwarded From: Shaedow <whispert_private>
    	
    http://www.news.com/News/Item/0,4,24480,00.html?st.ne.ni.lh
    
    Fighting hackers with freeware 
    By Randy Weston
    Staff Writer, CNET NEWS.COM
    July 22, 1998, 8:10 a.m. PT 
    
    Been hacked? Only the Shadow may know for sure.
    
    The Shadow is the latest weapon in the ongoing war against hackers and the
    first result of a new cooperative effort between government and private
    industries to thwart computer break-ins and security breeches.
    
    The product is an intrusion detection software system designed by a
    consortium comprised of the Defense Department, private industry, and
    security professionals. The Shadow is available for free to any U.S.
    organization.
    
    "The key problem is that hackers win because they cooperate and security
    people don't," said a press release from the SANS Institute, an
    educational group for systems administrators and network security
    specialists. "It is time to begin the hard work of cooperating in search
    of solutions."
    
    That work is resulting in such products as the Shadow. The detection
    device is already in use monitoring more than 40 known attack profiles in
    incoming network traffic for more than 14,000 hosts.  According to the
    SANS Institute, analysts using the tool have also found three new types of
    attacks.
    
    Features of the Shadow include the following: 
    
      Uses traffic analysis rather than content analysis to
      assure privacy for users.
    
      Monitors all ports for all protocols instead of just a few.
    
      Combines signature monitoring with statistical
      assessment which detects events that filters are
      unable to decode.
    
      Requires computing power that costs less than
      $10,000 which includes the large capacity disks
      needed to store massive amounts of data. 
    
    Details about the Shadow including how to download and install it are
    available by emailing the institute at infot_private with the subject
    SHADOW Description. The return email will also include agendas on two-day
    training seminars for using the system, which begin July 24 in San
    Francisco but are also being held in Orlando, Washington D.C., and New
    York.
    
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:27 PDT