Posts Tagged ‘detection systems’

Commercial Intrusion Detection System

Friday, February 20th, 2009

If you are looking for commercial Intrusion Detection Systems, here are a few vendors:

  1. Tripwire : http://www.tripwire.com
  2. Touch Technology Inc (POLYCENTER Security Intrusion Detector): http://www.ttinet.com
  3. Internet Security Systems (Real Secure Server Sensor): http://www.iss.net
  4. eEye Digital Security (SecureIIS Web Server Protection): http://www.eeye.com

Open Source Intrusion Detection Systems

Wednesday, February 18th, 2009

Besides the commercial products, there are several free and open source intrusion detection systems.

Here are some of the open source intrusion detection systems:

  1. AIDE (http://sourceforge.net/projects/aide)
    Self-described as “AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available, so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that transcends the limitations of Tripwire.”
  2. File System Saint (http://sourceforge.net/projects/fss)
    Self-described as “File System Saint is a lightweight host-based intrusion detection system with a priority on speed and ease of use.”
  3. Snort (www.snort.org)
    Self-described as “Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.”

What Are Botnets?

Wednesday, February 18th, 2009

Heard of botnets? What exactly is a botnet?

According to Stromberg (http://project.honeynet.org/papers/bots/), “A botnet is comparable to compulsory military service for windows boxes.”

Botnets are networks of computers that have been infected by attackers and placed under their control, and are then used to spread viruses, send illegal spam, and carry out attacks that take websites offline.

What makes botnets especially dangerous is the difficulty of tracing them back to their creators, and their ever-increasing use in extortion. How are they used in extortion schemes? Imagine receiving a message demanding payment, with the threat that your website will be taken down if you refuse. This scenario is already playing out again and again.

Botnets can consist of thousands of compromised computers. With such a network, a botnet operator can launch a distributed denial of service (DDoS) attack as a way to cause chaos. For example, even a small botnet of only 500 bots can bring a company website to its knees by using the combined bandwidth of all those computers to overwhelm the server and make the site appear offline.

In his article “Botnets shrinking in size, difficult to trace” (IDG News Service, 19 January 2006), Jeremy Kirk quoted Kevin Hogan, senior manager of Symantec Security Response: “Extortion schemes have been supported by the muscle of botnets, and hackers are also renting out the use of armadas of computers for illegal purposes through advertisements on the Web.”

A well known technique in the fight against botnets is the honeypot. Honeypots help discover how attackers infiltrate systems. A honeypot is essentially a set of resources that we expect to be compromised, deployed in order to study how attackers break into the system. Unpatched Windows 2000 or XP machines make great honeypots given how easily such systems are compromised.

A site to read on this subject is the Honeynet Project (http://project.honeynet.org), which describes its mission as “To learn the tools, tactics and motives involved in computer and network attacks, and share the lessons learned.”
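The honeypot idea described above, as an added example that is not part of the original post and not the Honeynet Project's tooling: a low-interaction TCP listener that accepts connections, records the peer and the first bytes it sends, classifies the probe, and never answers. The service name, probe payloads and addresses are constructed; demo() drives the listener from the same process so the example runs offline.

```python
"""Low-interaction TCP honeypot: record who connects and what they send.

Added example; this is not the Honeynet Project's tooling or code from the
original post. The listener accepts a fixed number of connections, logs the
peer address, a label for the first bytes received and the bytes themselves,
and never replies. demo() drives it from the same process with constructed
probe payloads, so it runs offline.
"""
import socket
import threading

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"OPTIONS ", b"CONNECT ")


def classify(first_bytes):
    """Coarse label for what the peer tried to speak to us."""
    if not first_bytes:
        return "connect-only"        # typical of a port scanner
    if first_bytes.startswith(b"SSH-"):
        return "ssh-client-banner"
    if first_bytes.startswith(HTTP_METHODS):
        return "http-request"
    return "unknown"


class Honeypot:
    def __init__(self, host="127.0.0.1", port=0):
        # port=0 lets the OS pick a free port; a real deployment binds the
        # service port the attacker expects (22, 80, 445, ...).
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        self.sock.bind((host, port))
        self.sock.listen(16)
        self.port = self.sock.getsockname()[1]
        self.records = []

    def serve(self, max_connections, idle_timeout=5.0):
        """Accept up to max_connections connections, then stop."""
        self.sock.settimeout(idle_timeout)
        for _ in range(max_connections):
            try:
                conn, (peer_ip, _peer_port) = self.sock.accept()
            except socket.timeout:
                break                # nobody came; stop waiting
            with conn:
                conn.settimeout(1.0)
                try:
                    data = conn.recv(512)
                except socket.timeout:
                    data = b""       # connected but sent nothing in time
                self.records.append((peer_ip, classify(data), data))
        self.sock.close()
        return self.records


def demo():
    """Run the honeypot and probe it three times from this process."""
    hp = Honeypot()
    server = threading.Thread(target=hp.serve, args=(3,))
    server.start()
    probes = [b"GET / HTTP/1.0\r\nHost: victim\r\n\r\n",  # constructed
              b"SSH-2.0-OpenSSH_4.2\r\n",
              b""]                                         # bare connect
    for payload in probes:
        with socket.create_connection(("127.0.0.1", hp.port)) as c:
            if payload:
                c.sendall(payload)
    server.join()
    return hp.records


if __name__ == "__main__":
    for peer, label, data in demo():
        print(peer, label, data[:40])
```

Because the listener never replies and runs no real service, the only thing an attacker can learn from it is that a port is open; a high-interaction honeypot (the deliberately unpatched machines mentioned above) captures far more but must be isolated so it cannot be turned into another bot.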

Finding The Security Suite That Meets Your Needs

Tuesday, February 17th, 2009

It is essential to understand that there is no such thing as a completely secure operating system or Web browser. Although security suites and other complementary products can significantly reduce your risk, they are not magic wands that eliminate 100% of it. Any product claiming it can should be regarded with great skepticism.

There are many ways in which the security of your computer can be breached. In most cases the threats come from worms, viruses, Trojans, phishing, hackers and crackers. A breach can start with downloading an unknown attachment, being monitored by spyware or other malware, or being probed by a port scan.

DShield.org (www.dshield.org), a non-profit corporation, describes itself as “the dominating attack correlation engine with worldwide coverage.” In short, it works with individuals and businesses to collect and correlate, among other things, firewall logs of port scans. Port scanning is when an attacker (hacker or cracker) probes your computer for open ports. Once an open port is found, the attacker tries to collect your personal information or install malicious software on your machine. On average, DShield.org logs more than 1.1 billion port-scan attempts each month. What is even more frightening is that this figure covers only its participating sensors; you can imagine how many more incidents occur each month across the general population of computer users.

DShield.org also reports a “survival time”: how long an unpatched PC stays online before it is attacked or infected. Below is its breakdown by category at the time of writing:

Current OS breakdown

Category      Category %   Adjusted survival time
Windows       27.0000      128 min
Unix           0.5000      3648 min
Application    3.0000      1203 min
P2P            1.5000      1591 min
Backdoor       0.5000      5432 min

Source: DShield.org, Survival Time History (11/8/05)

In short, if you connect an unpatched Windows PC to the Internet, expect it to be attacked or infected in a little over two hours. Looked at in those terms, securing your computer becomes a mission.
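What DShield does at scale with submitted firewall logs can be shown in miniature. The following is an added example, not DShield's code and not from the original post, that parses constructed firewall DROP lines (the log format is invented for the example) and flags a source as a scanner when, within a sliding 60-second window, it touches at least 10 distinct ports on one host (a vertical scan) or the same port on at least 10 distinct hosts (a horizontal scan). The thresholds, addresses and timestamps are assumptions chosen for the illustration.

```python
"""Port-scan detection over firewall log lines.

Added example, not DShield's code. The log format, thresholds and sample
traffic are constructed for the illustration.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed format: "YYYY-MM-DD HH:MM:SS DROP src:port -> dst:port PROTO"
LINE_RE = re.compile(
    r"^(\S+ \S+) DROP (\d+\.\d+\.\d+\.\d+):\d+ -> (\d+\.\d+\.\d+\.\d+):(\d+) (TCP|UDP)$"
)


def parse(lines):
    """Return (timestamp, src, dst, dst_port, proto) tuples, skipping junk."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        events.append((ts, m.group(2), m.group(3), int(m.group(4)), m.group(5)))
    return events


def detect_scans(events, window=timedelta(seconds=60), min_ports=10, min_hosts=10):
    """Map scanner src -> {"vertical": [hosts], "horizontal": [ports]}."""
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev[1]].append(ev)

    alerts = {}
    for src, evs in by_src.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # advance the window start so it spans at most `window` seconds
            while evs[end][0] - evs[start][0] > window:
                start += 1
            ports_per_host = defaultdict(set)
            hosts_per_port = defaultdict(set)
            for _ts, _s, dst, port, _proto in evs[start:end + 1]:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            for dst, ports in ports_per_host.items():
                if len(ports) >= min_ports:
                    alerts.setdefault(src, {}).setdefault("vertical", set()).add(dst)
            for port, hosts in hosts_per_port.items():
                if len(hosts) >= min_hosts:
                    alerts.setdefault(src, {}).setdefault("horizontal", set()).add(port)
    return {src: {k: sorted(v) for k, v in kinds.items()} for src, kinds in alerts.items()}


def demo():
    """Constructed log: two scanners, one slow scanner, one benign client."""
    base = datetime(2006, 1, 19, 10, 0, 0)
    lines = []

    def log(ts, src, dst, port, proto="TCP"):
        lines.append(f"{ts:%Y-%m-%d %H:%M:%S} DROP {src}:{40000 + port} -> {dst}:{port} {proto}")

    for i in range(15):   # vertical: 15 ports on one host in 15 s
        log(base + timedelta(seconds=i), "203.0.113.5", "192.0.2.10", 20 + i)
    for i in range(12):   # horizontal: port 135 across 12 hosts in 24 s
        log(base + timedelta(seconds=2 * i), "198.51.100.7", f"192.0.2.{i + 1}", 135)
    for i in range(15):   # slow scan: one port every 90 s, never inside one window
        log(base + timedelta(seconds=90 * i), "198.51.100.9", "192.0.2.10", 1000 + i)
    log(base, "192.0.2.50", "192.0.2.10", 80)                        # benign noise
    log(base + timedelta(seconds=5), "192.0.2.50", "192.0.2.10", 443)
    lines.append("garbage line that does not parse")

    return detect_scans(parse(lines))


if __name__ == "__main__":
    for src, kinds in demo().items():
        print(src, kinds)
```

The slow scanner in demo() is the caveat: a fixed time window only catches sources that hurry, which is why aggregating many participants' logs over days, as DShield does, finds what a single host's short window misses.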

Here are some easy steps you can take immediately to protect your computer.

  1. Do not run unfamiliar programs on your computer. It sounds like common sense, but many of the biggest outbreaks have involved spyware and e-mail attachments, such as the Bagle and Netsky worms. If you do not recognize the sender, do not open the attachment.
  2. Do not allow unrestricted physical access to your computer. If you keep sensitive information on it, letting other employees or family members use the machine can lead to security breaches.
  3. Do not use weak passwords. Use passwords that are hard for someone else to guess. People frequently use the names of children or pets, birthdays or anniversaries. Because there seems to be a password needed for everything, it is not uncommon to see people using the same password everywhere. Big mistake! A single reused password gives an attacker easy access to a whole jumble of personal information. If you write your password down, do not leave it on a post-it attached to your monitor. You may laugh at the absurdity, but it happens more than you think.
  4. Do not forget to patch your operating system and applications regularly. Many industry experts believe that most attacks could be stopped if users simply kept their computers current with patches and security fixes. Too often we forget to do so on a regular basis. Remember that new viruses, worms and Trojan horses are created and distributed every day, and they look for weaknesses in your system. Running outdated software is like holding the door open and inviting them in.
  5. Remember to make regular backups of important data. Always keep a copy of important files on removable media such as floppy or ZIP disks or CD-ROM, and keep the backups in a location separate from the computer.

In most cases, Windows desktop and screen saver passwords give adequate protection for everyday security concerns. If you would feel more comfortable with additional measures, consider obtaining a comprehensive security suite.

Department Of Defense On Security Crackdown

Monday, February 16th, 2009

The Department of Defense's top network operations commander has ordered a security crackdown. According to a NetworkWorld article of January 16, 2006, Lt. General Charles Croom is quoted as saying: “The attacks come from everywhere, and they are getting better.” His speech was the keynote address at the Department of Defense Cyber Crime Conference, held January 9-14, 2005 in Clearwater, Florida. The event was sponsored by the Defense Cyber Crime Center and the Joint Task Force-Global Network Operations. More than 500 computer-crime specialists from the FBI and the military attended.

The crackdown is linked to the recent arrest of a “computer virus broker” named Jeanson James Ancheta. The Department of Justice press release of November 3rd, 2005 offers the following information about the case: “In the first prosecution of its kind in the nation, a well-known member of the ‘botmaster underground’ has been indicted on federal charges for profiting from the use of ‘botnets’ – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.

Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday on two conspiracy counts, as well as charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud, and money laundering.”

The press release goes on to describe details of the scheme that show clearly why the Department of Defense is concerned (for more information, see http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm):

“Ancheta was an affiliate of several advertising service companies, and the companies paid him a commission based on the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta's adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up the adware. To generate the approximately $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the affiliate advertising proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.

Ancheta's programs were powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the U.S. Department of Defense. Both networks are used exclusively by the federal government for national defense. After being arrested this morning at the FBI office in Los Angeles, Ancheta was transported to the United States District Court in Los Angeles. It is unclear whether he will make his first court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta's illegal activity.”

The latest news: Ancheta has pleaded guilty to conspiracy to violate anti-spam and computer abuse laws and to fraud, and under the plea agreement will serve 4 to 6 years in prison, plus heavy fines.