Share Email Print

Proceedings Paper

Verifying the secure setup of UNIX client/servers and detection of network intrusion
Author(s): Richard Feingold; Harry R. Bruestle; Tony Bartoletti; R. Allyn Saroyan; John M. Fisher
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

This paper describes our technical approach to developing and delivering Unix host- and network-based security products to meet the increasing challenges in information security. Today's global `Infosphere' presents us with a networked environment that knows no geographical, national, or temporal boundaries, and no ownership, laws, or identity cards. This seamless aggregation of computers, networks, databases, applications, and the like store, transmit, and process information. This information is now recognized as an asset to governments, corporations, and individuals alike. This information must be protected from misuse. The Security Profile Inspector (SPI) performs static analyses of Unix-based clients and servers to check on their security configuration. SPI's broad range of security tests and flexible usage options support the needs of novice and expert system administrators alike. SPI's use within the Department of Energy and Department of Defense has resulted in more secure systems, less vulnerable to hostile intentions. Host-based information protection techniques and tools must also be supported by network-based capabilities. Our experience shows that a weak link in a network of clients and servers presents itself sooner or later, and can be more readily identified by dynamic intrusion detection techniques and tools. The Network Intrusion Detector (NID) is one such tool. NID is designed to monitor and analyze activity on the Ethernet broadcast Local Area Network segment and product transcripts of suspicious user connections. NID's retrospective and real-time modes have proven invaluable to security officers faced with ongoing attacks to their systems and networks.

Paper Details

Date Published: 12 March 1996
PDF: 10 pages
Proc. SPIE 2616, Information Protection and Network Security, (12 March 1996); doi: 10.1117/12.232268
Show Author Affiliations
Richard Feingold, Lawrence Livermore National Lab. (United States)
Harry R. Bruestle, Lawrence Livermore National Lab. (United States)
Tony Bartoletti, Lawrence Livermore National Lab. (United States)
R. Allyn Saroyan, Lawrence Livermore National Lab. (United States)
John M. Fisher, Lawrence Livermore National Lab. (United States)

Published in SPIE Proceedings Vol. 2616:
Information Protection and Network Security
Viktor E. Hampel; Clifford B. Neuman; John Perry Barlow, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?