HP-UX Host Intrusion Detection System Version 4.2 Administration Guide
1 Introduction
This chapter introduces the HP-UX Host Intrusion Detection System (HP-UX HIDS) software,
an HP-UX product that enhances the local host-level security within your network.
This chapter addresses the following topics:
• “Importance of Intrusion Detection”
• “HP-UX HIDS Functionality”
• “HP-UX HIDS Limitations”
• “HP-UX HIDS Components”
• “Glossary of HP-UX HIDS Terms”
Importance of Intrusion Detection
Some threats faced by almost all businesses today are the following:
• Loss of financial assets
Financial institutions are vulnerable even to trusted employees. With the advent of Internet
technology, several financial institutions transfer millions of dollars over computer networks.
In addition to easy access, this technology has made the whole financial industry vulnerable
to attacks.
• Loss of intellectual property
Intellectual property refers to unique knowledge or ideas about technology a company owns.
Intellectual property can be the design of a new engine, the code to a new software product,
or even the customer contact list. Intellectual property must be handled with utmost care.
Companies around the world face this challenge every day.
• Loss of computing resources
Information is of no use if it cannot be acted upon, and not having the computing resources
available to process information renders it useless. Any company that offers its customers
an online service is acutely aware of the potential losses that can result from even a minute
of downtime. This is especially true in the case of web services. Lack of availability of critical
computing resources because of malicious actions is a serious threat faced by any company
doing business on the Internet today. Loss of business (measured in dollars) can be significant.
Harder to quantify, but more damaging in the long term, is the loss of consumer confidence
in a business that suffers an online attack. Another example of a loss of a critical computing
resource is a corporate email system crash. When the outage is caused intentionally by an
attacker who is continually disrupting business, the financial cost to a company can be very
high (lost sales or miscommunication with customers, for example).
• Loss of privacy
Privacy is a serious security concern in the medical, insurance, and banking fields. If a
computer system is broken into by an external attacker, sensitive data may be obtained that
can leave a company liable to legal action because of a lack of due diligence to protect
sensitive data.
Who are the Perpetrators?
Perpetrators of security attacks most often are not outsiders who roam the Internet, but your
own employees, whom you trust with your critical data and systems. Unreliable employees who
have an intimate knowledge of systems and networks can abuse their positions of trust. However,
most effort has been expended in defending against the perceived threat from outside. As a
result, most security solutions have focused on firewalls and web servers, completely ignoring