Intrusion Detection: Network Security Beyond the Firewall:Vulnerability Scanners









































function GetCookie (name)
{
var arg = name + "=";
var alen = arg.length;
var clen = document.cookie.length;
var i = 0;
while (i < clen)
{
var j = i + alen;
if (document.cookie.substring(i, j) == arg) {
var end = document.cookie.indexOf (";", j);
if (end == -1)
end = document.cookie.length;
return unescape(document.cookie.substring(j, end));
}
i = document.cookie.indexOf(" ", i) + 1;
if (i == 0) break;
}
return null;
}
var m1='';
var gifstr=GetCookie("UsrType");
if((gifstr!=0 ) && (gifstr!=null)) { m2=gifstr; }
document.write(m1+m2+m3);









        






























 



Keyword
Title
Author
ISBN
Publisher
Imprint


Brief
Full

 Advanced      Search
 Search Tips














Please Select
-----------
Components
Content Mgt
Certification
Databases
Enterprise Mgt
Fun/Games
Groupware
Hardware
IBM Redbooks
Intranet Dev
Middleware
Multimedia
Networks
OS
Prod Apps
Programming
Security

UI
Web Services
Webmaster
Y2K
-----------
New Titles
-----------
Free Archive


























To access the contents, click the chapter and section titles.


Intrusion Detection: Network Security beyond the Firewall


(Publisher: John Wiley & Sons, Inc.)

Author(s): Terry Escamilla

ISBN: 0471290009

Publication Date: 11/01/98



function isIE4()
{
return( navigator.appName.indexOf("Microsoft") != -1 && (navigator.appVersion.charAt(0)=='4') );
}
function bookMarkit()
{
var url="http://www.itknowledge.com/PSUser/EWBookMarks.html?url="+window.location+"&isbn=0";
parent.location.href=url;
//var win = window.open(url,"myitk");
//if(!isIE4())
// win.focus();

}












Search this book:
 





















Previous
Table of Contents
Next




Are You Done Yet?
Nope. In this chapter, you saw how scanners can look for vulnerabilities either locally on a node or by remote testing for weaknesses. Recall that the two primary ways a hacker gains access are through the following:


•  A configuration error by the vendor supplying a product or by the administrator running the system (or in some cases via user mistakes)
•  A software bug

Scanners look for these types of weaknesses in your systems by examining configuration data or by attempting to exploit a vulnerability. Relative to other IDSs, the distinguishing feature of vulnerability scanners is that they run occasionally, rather than constantly.

Before you get too excited about scanners, you should remind yourself that they are software products, too. Security vendors are generally more attentive to good programming practices, so hopefully the likelihood of a buffer overflow attack against your scanner is small. However, the vulnerability assessment will detect only the things it is configured to scan. If the administrator does not set up and configure the scanner properly, hackers will continue to operate undetected.
Although scanners are a necessary tool in your environment, they are not sufficient for a complete security solution. The missing feature is real-time detection of attacks as they occur. In the next chapter, you’ll see how system-level IDSs supplement scanners at your sites.



Previous
Table of Contents
Next






























Products |  Contact Us |  About Us |  Privacy  |  Ad Info  |  Home


Use of this site is subject to certain Terms & Conditions, Copyright © 1996-2000 EarthWeb Inc.
All rights reserved. Reproduction whole or in part in any form or medium without express written permission of EarthWeb is prohibited.