On Tue, May 25, 2010 at 2:22 PM, John Joseph <[email protected]> wrote:
> Hi
> I am trying to build proper monitoring and control mechanisms for detection
> and prevention of security breaches in corporate environment,
>

Security breach is a very broad term. Well, let us try to categorize it into two, keeping in mind that this is not the only way to categorize them.

1) Intrusion - threat from outside the corporate network
2) Extrusion - threat from inside or internal

Intrusion

Intrusion is easier to prevent than extrusion.

> There are lots of open source and proprietary tools out there.
> Before starting up I would like to get advice from
> people who had really into to this field.
> Any links to the blogs, documentation will be a great help to me
>

One of the main components in preventing Intrusion is having a secure firewall with the latest patches applied.

I always go for

http://www.openbsd.org/faq/pf/index.html

It is secure, simple and flexible.

Updating the patches is given in

http://www.openbsd.org/stable.html

I've been using it from release 3.5 and it has done well.

Then Anti-Virus Software with latest signatures on workstations that access the Internet is another very important aspect. Along with it goes OS security updates.

Extrusion is a bit more difficult to prevent, especially with the advent of trojan software like TeamViewer etc.

A good book on it is

http://www.flipkart.com/book/extrusion-detection-richard-bejtlich-security/0321349962

--Siju
_______________________________________________
Indian Libre User Group Cochin Mailing List
http://www.ilug-cochin.org/mailing-list/
http://mail.ilug-cochin.org/mailman/listinfo/mailinglist_ilug-cochin.org
