HP-UX Host Intrusion Detection System Version 4.4 Administrator Guide (5900-1634, April 2011)
1 Introduction
This chapter introduces the HP-UX Host Intrusion Detection System (HP-UX HIDS) software, an HP-UX
product that enhances the local host-level security within your network.
This chapter addresses the following topics:
• “Importance of Intrusion Detection”
• “HP-UX HIDS Functionality”
• “HP-UX HIDS Limitations”
• “HP-UX HIDS Components”
• “Glossary of HP-UX HIDS Terms”
Importance of Intrusion Detection
Some threats faced by almost all businesses today are the following:
• Loss of financial assets
Financial institutions are vulnerable even to trusted employees. With the advent of Internet
technology, several financial institutions transfer millions of dollars over computer networks.
In addition to easy access, this technology has made the whole financial industry vulnerable
to attacks.
• Loss of intellectual property
Intellectual property refers to unique knowledge or ideas about the technology a company
owns. It can be the design of a new engine, the code to a new software product, or even the
customer contact list. It must be handled with utmost care. Companies around the world face
this challenge every day.
• Loss of computing resources
Information is of no use if it cannot be acted upon, and not having the computing resources
available to process information renders it useless. Any company that offers its customers an
online service is acutely aware of the potential losses that can result from even a minute of
downtime. This is especially true in the case of web services. Lack of availability of critical
computing resources because of malicious actions is a serious threat faced by any company
doing business on the Internet today. Loss of business (measured in dollars) can be significant.
Harder to quantify, but more damaging in the long term, is the loss of consumer confidence
in a business that suffers an online attack. Another example of a loss of a critical computing
resource is a corporate e-mail system crash. When the outage is caused intentionally by an
attacker who is continually disrupting business, the financial cost to a company can be very
high: lost sales or miscommunication with customers, for example.
• Loss of privacy
Privacy is a serious security concern in the medical, insurance, and banking fields. If a computer
system is broken into by an external attacker, sensitive data may be obtained that can leave
a company liable to legal action because of a lack of due diligence to protect sensitive data.
Who are the Perpetrators?
Perpetrators of security attacks most often are not outsiders who roam the Internet, but your own
employees, whom you trust with your critical data and systems. Unreliable employees who have
an intimate knowledge of systems and networks can abuse their positions of trust. However, most
effort has been expended in defending against the perceived threat from outside. As a result, most