A Professional Internet Security Provider

Timely Security Issues HIPAA Compliance Small Business IT Safety Solutions SNMP and DHCP Web Worms Honeypots SOAP/XML Interfaces Service Offerings Custom VPN Work Security Certification Policy Facilitation Intrusion Detection Systems Integration Other Services Products and Partners Security Tools Spam Control Custom Software Partners Resource Library Internet Security Corporation About Us

Intrusion Detection This consists of three services: 1) helping you choose hardware and intrusion detection software to conform to your security policy, 2) installation and configuration of intrusion detection software, and 3) event log analysis to look for signs of network surveillance or compromise by intruders. Our GIAC-certified intrusion detection personnel can function as a technical go-between for interfacing with law-enforcement agencies, if it is desirable to bring them in. 1) Port Scanning Detection Software We can consult with you to determine the relative pros and cons of network hardware and configuration for your organization. This includes operating system specific security issues, and choice of firewall design and port scanning detection software. Generally we're agnostic about software, and can recommend snort, scanlogd, or PortSentry for the various flavors of Unix, and Genius 2.0, BlackICE, Tiny Software, or ZoneAlarm for the Microsoft product line. 2) Installation and Auditing No security software can be installed out of the box and reasonably be expected to simply be secure as-is. Some kinds of intrusion detection can even open up security holes. As with a home alarm system or any other intrusion detection system, it must be installed by a professional and certified to be secure by actually testing it. Our network of the best pros in the business can make sure that when you install your brand new firewall that you are indeed safe from all but the most capable, determined, and well-equipped intruders. 3) Managed Security, aka log analysis So-called managed security is really analogous to a cop on the beat checking the doors and windows for signs of breakage or tampering. We look through log files for signs of a potential intruder mapping out your network or identifying your resources or users. We can also implement custom adaptive detection schemes to sensitize alarms to certain kinds of traffic. We can customize schemes to minimize both Type I and Type II errors, that is, false negatives and false positives, as appropriate for your organization. There are a number of robotic monitoring software packages available to send email alarms when well-defined events occur, but without some sense of definition, these are blunt tools. We can implement these tools precisely and in a deliberate way to identify the more professional and dangerous Internet sources of threat.

---

webmaster@internet-security-corp.com

Last modified: Thu Jun 27 18:51:59 PDT 2002