Search /
Docfinder:

RESEARCH CENTERS

Applications
Careers
Convergence
Data Center
LANs
Net/Systems Mgmt.
NOSes
Outsourcing
Routers/Switches
Security
Service Providers
Small/Med.Business
Storage
WAN Services
Web/e-commerce
Wireless/Mobile

SITE RESOURCES

Daily News
Newsletters
This Week in NW
Tests/Reviews
Buyer's Guides
Opinion
Forums
Special Issues
How to/Primers
Case Studies
Network Life
Encyclopedia
IT Briefings

TODAY'S NEWS

•
•	Boston College converts chapel into high security data center
•
•	Economic crisis means double duty for IT pros
•	IT spending hit won't rival dot-com bust, Gartner says
•	Black box for the enterprise protects data from terrorists, hurricanes
•	Blue Coat, partners pitch less expensive data-leak prevention
•	Google, Microsoft spark interest in modular data centers, but benefits may be exaggerated
•	World Bank denies report of massive data breaches
•	Woven weaves 10G at $500 per port
•
•
•	Firefox for Mobile alpha release due next week
•	Economic malaise hits IT industry
•
•	More breaking news

Security /

Intrusion detection software and honeypots

By Ron Nutter
Network World Fusion, 11/05/01

After the recent Nimda virus, a consultant advised the IS Manager at my company to install an intrusion detection system and to put a "honeypot" in place. Can you explain what a "honeypot" is and give me an idea of what we should look for in intrusion-detection software?
-- via the Internet

Advertisement:

A "honeypot" refers to a computer designed to look like an unprotected machine with which to trap unsuspecting hackers. The honeypot can do several things. It can sufficiently distract someone who plans to cause damage to other systems on your Network. It also tracks hacking attempts and alerts the appropriate persons in your company that a hack or unwelcome intrusion is in progress. Search the Internet for some do-it-yourself options or commercial options such as Neoworx (which McAfee recently purchased).

While a honeypot is one type of IDS, you will still need to put something in place on your servers, whether or not they are on the public or private side of your network. Here again, there are quite a few options to choose from. Products by Black Ice (recently purchased by ISS), Zone Alarm and Hack Tracer are just a few to choose from. These are PC level products. But Internet Security Systems www.iss.net offers a product that will report an attack on a server directly to a central console, much like a server farm.

RELATED LINKS

Nutter's Help Desk archive

Help Desk forum
Post and answer networking questions.

Ron Nutter, a Master Certified Novell Engineer and Microsoft Certified Systems Engineer in the Lexington, Ky., area, tracks down the answers to your questions. Send your questions to helpdesk@networkref.com.

'Decoy nets' gain backers in battle against hackers
More details on honeypots. Network World, 3/5/01.

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!

New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE

Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.

Click Here

alt text

Click Here

HOME

RESEARCH CENTERS

NEWS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.