12 March 1996 Verifying the secure setup of UNIX client/servers and detection of network intrusion
Author Affiliations +
Proceedings Volume 2616, Information Protection and Network Security; (1996); doi: 10.1117/12.232268
Event: Photonics East '95, 1995, Philadelphia, PA, United States
Abstract
This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today's global `Infosphere' presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to check on their security configuration. SPI's broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI's use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on the Ethernet broadcast Local Area Network segment and product transcripts of suspicious user connections. NID's retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.
© (1996) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Richard Feingold, Harry R. Bruestle, Tony Bartoletti, R. Allyn Saroyan, John M. Fisher, "Verifying the secure setup of UNIX client/servers and detection of network intrusion", Proc. SPIE 2616, Information Protection and Network Security, (12 March 1996); doi: 10.1117/12.232268; http://dx.doi.org/10.1117/12.232268
PROCEEDINGS
10 PAGES


SHARE
KEYWORDS
Network security

Computer security

Inspection

Information security

Operating systems

Binary data

Computer networks

RELATED CONTENT


Back to Top