ad info
 
CNN.com  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  

 

  Search
  
 

  
TECHNOLOGY
TOP STORIES

Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent

(MORE)

TOP STORIES

More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections

(MORE)
[CNN Money] BUSINESS
Playing for Iraq's jackpot

Coke & smoke bite Dow

Sun Microsystems posts tiny profit

(MORE)

MARKETS
4:30pm ET, 4/16
DJIA
144.70
8257.60
NAS
3.71
1394.72
S&P
10.90
879.91
 
[SI.com] SPORTS
Jordan says farewell for the third time

Shaq could miss playoff game for child's birth

Ex-USOC official says athletes bent drug rules

(MORE)

> All Scoreboards
WEATHER
All cities
WORLD

Quake help not fast enough, says Indian PM
U.S.

Bush: No help from Washington for California power crunch
POLITICS

Bush signs order opening 'faith-based' charity office for business
LAW

Prosecutor says witnesses saw rap star shoot gun in club
ENTERTAINMENT

Can the second 'Survivor' live up to the first?
HEALTH

Heart doctors debate ethics of testing super-aspirin
TRAVEL

Nurses to aid ailing airline passengers
FOOD

Texas cattle quarantined after violation of mad-cow feed ban
ARTS & STYLE

Ceramist Adler adds furniture to his creations

(MORE HEADLINES)
MAINPAGE
WORLD
U.S.
WEATHER
BUSINESS
SPORTS
TECHNOLOGY
 *
computing
personal technology
SPACE
HEALTH
ENTERTAINMENT
POLITICS
LAW
CAREER
TRAVEL
FOOD
ARTS & STYLE
BOOKS
NATURE
IN-DEPTH
ANALYSIS
LOCAL
EDITIONS:
CNN.com Europe

 change default edition
MULTIMEDIA:
video
video archive
audio
multimedia showcase
more services
E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
 
DISCUSSION:
chat
feedback
CNN WEB SITES:
CNN Websites
CNNfyi.com
CNN.com Europe
AsiaNow
Spanish
Portuguese
German
Italian
Danish
Japanese
Chinese Headlines
Korean Headlines
TIME INC. SITES:
CNN NETWORKS:
Networks image
CNN anchors
transcripts
Turner distribution
SITE INFO:
help
contents
search
ad info
jobs
WEB SERVICES:

New intrusion-detection devices debut

From...
 Network World Fusion

June 21, 2000
Web posted at: 10:47 a.m. EDT (1447 GMT)

by Ellen Messmer

(IDG) -- Established vendors and security start-ups last week announced their latest products and services for network intrusion-detection and outsourced security management.

Hewlett-Packard, Axent Technologies and start-up Sanctum debuted intrusion-detection software for corporate networks. Meanwhile, Raytheon announced BladeRunner, server-based software for monitoring internal corporate network traffic to prevent unauthorized transmission of sensitive material.

  MESSAGE BOARD
Insurgency
 

The latter product "identifies traffic-flow patterns to identify anomalies," says Jeff Waxman, president of Raytheon's newly formed information assurance product area in Linthicum, Md. "If the R&D department suddenly starts sending information out to the wide-area Internet, you'll know that."

Available for Unix or Windows NT and priced at $65,000, BladeRunner is a passive-listening device that can display the entire topology of a network to show what users are doing.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Top 5 intrusion detection downloads
  Should you hack back?
  The enemy within
  Denial-of-service victims share lessons learned
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  TechInformer
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for network experts
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

At its headquarters in Cupertino, Calif., HP unveiled the Praesidium Intrusion Detection System, software that protects HP's new version of Unix called HP-UX11i. The software costs $1,695.

"The Praesidium software detects unauthorized access, root exploits, buffer overflows or other unusual behavior and sends alerts to HP OpenView," says Roberto Medrano, general manager of Internet security solutions.

HP pushed two other security products out the door last week. The first was Web Enforcer, NT-based software that works to strengthen Web servers used in e-commerce by detecting security vulnerabilities and mending these holes on an ongoing basis. The software costs about $7,000 and includes service support.

HP says it has also beefed up its Web QoS product, software used with NT, HP-UX or Solaris to prioritize traffic. Web QoS can now detect and block some types of HTTP-based denial-of-service attacks, although Medrano acknowledges it won't readily protect against massive distributed denial-of-service attacks based on SYN Floods. Web QoS costs between $7,000 and $12,000.

Start-up Guardent also opens its doors this week with 75 employees set to provide security consulting. Dan McCall, founder and chief marketing officer, says the firm purchased the entire professional services practice at Secure Computing for an undisclosed sum. The company provides managed security services for companies ready to outsource in this area.

Another start-up, Sanctum - formerly Perfecto - unveiled its Linux-based AppScan, which lets a user remotely test Web applications to determine weaknesses that could be exploited in an e-commerce setting.

"It's a sort of a 'robohacker' that lets them manually simulate attacks and suggests how to fix things," says Eran Reshef, Sanctum's founder and senior vice president.

Set to ship next month for $20,000 per user, the software is being tested by Yahoo, Lycos and Exodus Communications.

Yahoo Engineering Security Officer Arturo Bejar says his staff is using Sanctum's AppScan to test Yahoo applications, such as its auction site, for possible holes.

"It gives us instant feedback on a set of basic important problems," Bejar says, pointing out hackers are constantly trying to break into Yahoo's Web servers in a multitude of ways, such as manipulating Common Gateway Interface scripts. The Sanctum products are the best he's seen so far for security protection on the application level, Bejar says.

Axent, which spars with Internet Security Systems (ISS) to claim market leadership in the intrusion-detection realm, weighed in last week with updated versions of its NetProwler vulnerability scanner and its host-based IntruderAlert detection software for Unix or NT.

Intrusion-detection software has to be constantly updated as new attacks are discovered, and NetProwler 3.5 can accept file downloads of new attack signatures from the Axent Web site.

Axent's top rival, ISS, weighed in last week to say it has become the first vendor to obtain export status of its intrusion-detection software, RealSecure 3.2.2, under the more lenient encryption export rules announced Jan. 14 by the White House.


 RELATED STORIES:
Michigan charges Web sites with privacy violations
June 19, 2000
A low-cost utility that hides your tracks
June 8, 2000
Online records becoming too public, Clinton official suggests
June 5, 2000
E5/Win2K security patch can lock out legitimate users
March 16, 2000
Credit-card numbers stolen via known security hole
March 13, 2000
RELATED IDG.net STORIES:
Top 5 intrusion detection downloads
(Network World Fusion)
Should you hack back?
(Network World Fusion)
FIDNET: Big Brother or burglar alarm?
(Computerworld)
Intrusion detection: a matter of taste
(Network World Fusion)
Few downloaded FBI tool to detect e-commerce attacks
(FCW.com)
The enemy within
(Network World Fusion)
Denial-of-service victims share lessons learned
(Computerworld)
Tripwire for DoS attacks
(The Industry Standard)
RELATED SITES:
Tripwire
Anzen Flight Jacket 3.0 for NFR
NetProwler 3.0
eTrust Intrusion Detection 4.1
Centrax 2.3
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 Search   
Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.