abrahamj wrote: |
You try the Ax3soft sax2, it is a professional network intrusion prevention (IPS) and intrusion detection system (IDS) to detect variety of attacks, including SQL inject attacks, worms, backdoor Trojans, ARP spoof, CGI/WWW attacks, DoS/DDoS, password guessing and so on, for more information, pls visit http://www.ids-sax2.com/index.asp |
CoreDefend wrote: |
Most intrusion detection systems have this capability.
It depends where you are placing the IDS and what you need it to monitor. For example, if you are monitoring inbound Internet traffic that is allowed by your firewall, the traffic simply passes through the IDS/IPS for inspection. Typically, the only ports that are opened are internal for web admin interface and maybe database connection (if the DB is on a separate server). |
Skygee wrote: |
Was researching this, and stumbled onto site (www.grc.com) that suggested most port monitors open various ports to lure hackers, and only a few port monitors have more secure means of testing. If you've time, could you take a look-see on that site, and let me know if its accurate or not? |
GRC wrote: |
But many companies are leveraging customer ignorance and trading on hype. With much less investment in technology and much more in marketing, they are taking advantage of Internet security hysteria to score a fast buck. |
GRC wrote: |
"Ports" are just what they sound like: PORTALS into your computer. Entry points to give intruders a foothold. |
GRC wrote: |
When viewed from across the Internet, computers running Evil Port Monitors give the appearance of being the Grand Central Station of servers with a wide array of exploitable resources. [...] |
GRC wrote: |
Using one of these so-called monitors is like leaving your front door unlocked and slightly ajar in the hopes of catching a burglar: You might well lure someone into your home, but then you have an entirely different problem! |
GRC wrote: |
But it doesn't have to be that way! By comparison, high-quality port monitors — which do exist but are not free — can sense connection and intrusion attempts without opening or exposing any ports. |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours