RealworldExercise5.docx

Name: Sindhu Potla

Course: Disaster Recovery

Date: 12/06/2019

The two open-source and freeware intrusion detection tools I found to have commercial equivalents are Open Source Security (OSSEC) and Suricata. OSSEC offers comprehensive host-based intrusion detection across several platforms such as Solaris, BSD, Mac, and VMware, and also helps an organization meet its predefined compliance requirements, including PCI DSS. Suricata, on the other hand, detects intrusions in the system and provides security monitoring for the entire network (Relevanttechnologies.com, 2019). Suricata is a low-cost tool that offers greater insight into a network, while OSSEC can help an organization with cost savings and efficiency, since it can operate for the long term when implemented correctly and has no other associated costs.

Accordingly, an Intrusion Prevention System (IPS) is a network security technology that aims to detect and prevent recognized threats: it continuously monitors the network, looks for probable malicious incidents, and captures information about them (Renaud, 2018). Another characteristic of an IPS is that it can report malicious events to system administrators and take defensive action, such as closing access points and configuring firewalls to avoid future attacks. IPS solutions can also be used to identify issues with corporate security policies, deterring employees and network guests from violating the rules (Jackie, 2019). IDS and IPS have no close cost difference but are distinct in how they work; for instance, an IDS does not take action on its own, while an IPS accepts or rejects a packet based on its set of rules.

Honeynet.org is an international 503c3 non-profit security organization dedicated to investigating the latest attacks and threats and developing open source security tools to enhance security (TheHoneypot.com, 2019). It was founded in 1999 and has contributed to the fight against malware and malicious hacking threats. Its members include leading security experts, who volunteer to collaborate on security research efforts, including data analysis techniques, and to provide information on information security.

Overview: Glastopf, a Dynamic, Low-Interaction Web Application Honeypot

Web attacks currently make up to 60% of total internet attacks, and web applications, whether they belong to a public or private company or to an individual, can leak data to unauthorized individuals. Glastopf is a low-interaction web application honeypot capable of emulating several vulnerabilities in order to collect data from attacks that target web applications (TheHoneypot.com, 2019). It works by simply replying to the attack with the response the attacker expects from the attempt to exploit the web application.
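The reply-with-the-expected-response idea described above, as an added example that is not Glastopf's code and not part of the original essay. The classification patterns, decoy bodies, function names, and sample requests are all constructed for illustration.

```python
import re
from urllib.parse import unquote

# Hypothetical classification rules, constructed for this example.
RULES = [
    ("lfi", re.compile(r"(\.\./)+etc/passwd")),
    ("rfi", re.compile(r"=(https?|ftp)://", re.I)),
    ("sqli", re.compile(r"'\s*(or|union)\b", re.I)),
]
GENERIC_PAGE = "<html><body>It works!</body></html>"
# Decoy bodies imitate what a vulnerable application would send back.
# Every value is fake; nothing is read from the host running the honeypot.
DECOYS = {
    "lfi": "root:x:0:0:root:/root:/bin/sh\nwww-data:x:33:33::/var/www:/usr/sbin/nologin\n",
    "rfi": GENERIC_PAGE,  # the referenced URL is only logged, never fetched
    "sqli": "You have an error in your SQL syntax near ''' at line 1",
    "unknown": GENERIC_PAGE,
}

def classify(target):
    """Return the name of the first rule matching the URL-decoded target."""
    decoded = unquote(target)
    for name, pattern in RULES:
        if pattern.search(decoded):
            return name
    return "unknown"

def handle(request_line, source_ip, events):
    """Record the request in events and return (status, body) for the reply."""
    parts = request_line.split()
    if len(parts) != 3:
        events.append({"src": source_ip, "type": "malformed", "raw": request_line})
        return 400, "Bad Request"
    method, target, _version = parts
    kind = classify(target)
    events.append({"src": source_ip, "type": kind,
                   "method": method, "target": unquote(target)})
    return 200, DECOYS[kind]

# Constructed sample traffic (documentation IP ranges, reserved test domain).
SAMPLE_REQUESTS = [
    ("198.51.100.7", "GET /index.php?page=../../../etc/passwd HTTP/1.1"),
    ("198.51.100.8", "GET /index.php?inc=http://files.example.test/a.txt HTTP/1.1"),
    ("203.0.113.20", "GET /item.php?id=1'%20OR%20'1'='1 HTTP/1.1"),
    ("203.0.113.21", "GET /index.html HTTP/1.1"),
]

def run_samples():
    events = []
    responses = [handle(line, ip, events) for ip, line in SAMPLE_REQUESTS]
    return events, responses
```

The events list is what an analyst would review afterwards: it holds the source address, the request type, and the decoded target of every request the honeypot answered.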

From my research, I found different port numbers and their corresponding hacker programs, such as Port No. 2 - Death Trojan, 5 - Midnight Commander, 15 - B2 Trojan, 22 - Shaft, 21 - Doly Trojan, and 48 - DRAT. Information security managers should be concerned about these programs since they are capable of retrieving sensitive information about an organization, such as workers' emails, certificates, banking details, and login credentials, and they can also use the firm's computers to attack other computers. Using a firewall, installing antivirus software or an anti-spyware package, using complex passwords, and frequently updating the OS, apps, and browsers can help prevent these programs from causing many threats.

References

TheHoneypot.com, (2019). Retrieved from https://www.honeynet.org/papers/whitepapers/glastopf-a-dynamic-low-interaction-web-application-honeypot/

Relevanttechnologies.com, (2019). Hacker Ports. Retrieved from http://www.relevanttechnologies.com/resources_4.asp

Jackie, D., (Jan 2019). 12 Ways to secure your computer from hackers. Retrieved from https://www.businessnewsdaily.com/11213-secure-computer-from-hackers.html

Forcepoint.com, (2019). What is an Intrusion Prevention System (IPS)?. Retrieved from https://www.forcepoint.com/cyber-edu/intrusion-prevention-system-ips

Renaud, L., (August 2018). Top 10 Intrusion Detection Tools: Your Best Free Options for 2019. Retrieved from https://www.addictivetips.com/net-admin/intrusion-detection-tools/