Announcement

Collapse
No announcement yet.

Intrusion Detection without Firewall

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Intrusion Detection without Firewall

    Hi all,
    I know it's silly question but I really need the answer.

    How can I know if my system is being breaking into without Firwall?( Intrusion Detection : tools, operation for checking... ).

    Thanks.
    Love in vain is better than love no one.

  • #2
    Re: Intrusion Detection without Firewall

    why not using a firewall?
    is it for personal use or for a bussiness solution.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Intrusion Detection without Firewall

      Give Snort a try!

      http://www.snort.org/

      The only thing is that you need to know linux

      Michael
      Michael Armstrong
      www.m80arm.co.uk
      MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      Comment


      • #4
        Re: Intrusion Detection without Firewall

        Hi,

        For example, I suspect there's a intrusion in my computer but I don't have any firewall now. So I have to do the detection manually.

        Thanks,
        Love in vain is better than love no one.

        Comment


        • #5
          Re: Intrusion Detection without Firewall

          real time monitoring is i think the only solution.
          what happens on you're ports etcetc.. I think it's better to buy a firewall.

          http://www.linugen.com/services/ids.php
          However it is no use implementing an IDS without a firewall, as it is no use to install a burglar alarm without locking the doors first.
          http://www.computerworld.com/securit...security-78670

          http://downloads.securityfocus.com/l...00firewall.pdf

          http://searchsecurity.techtarget.com...781471,00.html

          some idea how it works... i thing...
          Last edited by Dumber; 14th February 2006, 17:39.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: Intrusion Detection without Firewall

            Hi,

            I can not understand your question , could u tell me frankly then sure i will able to help u.

            shridhar

            Comment


            • #7
              Re: Intrusion Detection without Firewall

              Originally posted by shridhar76
              Hi,

              I can not understand your question , could u tell me frankly then sure i will able to help u.

              shridhar

              The OP wants to know if his/her system is compromised and being hacked into WITHOUT using a firewall.

              For this i would imagine you would need to use a packet sniffer and interpret each packet leaving and entering your machine.

              Why do you not have a firewall installed??

              Comment


              • #8
                Re: Intrusion Detection without Firewall

                Without a firewall, you should be able to detect if your system is being hacked when;
                • your files start disappearing
                • hard drive capacity is constantly reducing
                • bandwidth throughput is dramatically increased
                • hidden folder and/or file appear on your system
                • you get locked out of your system
                • etc
                • etc
                • etc


                Articles that I have read indicate an unprotected system will last 15 minutes connected to the Internet before being compromised. Personally I think 15 minutes is being very optimistic.
                1 1 was a racehorse.
                2 2 was 1 2.
                1 1 1 1 race 1 day,
                2 2 1 1 2

                Comment


                • #9
                  Re: Intrusion Detection without Firewall

                  also it's possible that the "hacker" has placed certain files on you're computer. but those files can also made been hidden with rootkits, which is not visable with the explorer or the command prompt. In such case, the only thing is reinstall..

                  so why aren't you using a firewall and a good AV?
                  Marcel
                  Technical Consultant
                  Netherlands
                  http://www.phetios.com
                  http://blog.nessus.nl

                  MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                  "No matter how secure, there is always the human factor."

                  "Enjoy life today, tomorrow may never come."
                  "If you're going through hell, keep going. ~Winston Churchill"

                  Comment

                  Working...
                  X