Intrusion Defense:
Originally, castles were made of wood, until a clever soul realized that you could light the end of an arrow with fire, shoot the castle from afar, and burn it to the ground. This quickly led to the building of stone castles which were largely resistant to fire attacks. Much like this, attacks against largely unprotected networks in the early to mid 1990's led to the need to deploy firewalls.
These devices were so effective for the next few years, the common belief was that all you needed for intrusion defense was a firewall. Unfortunately, this mentality remained intact to a large extent until just a couple of years ago.
During these "dark ages" where companies and networks felt protected behind their Magi not Line type defenses, several things changed in the way in which an attacker would attempt to compromise a network. Exploiting known vulnerabilities was a common method. Running a port scan and identifying services that were available such as FTP or Telnet. These could then be compromised using brute force attacks (breaking a username and password based on using either dictionary words, or systematically trying all possible combinations). Attacks like these were largely unorganized with a successful attack usually leading to the hosting of illegal programs, pornography or the defacement of a web site.
If you wanted to impress your customers, you had a web site. Next, your web site had to be interactive with all sorts of services such as online banking or other transactional applications. Each one of these services being offered to customers added another intrusion door attackers could use to compromise networks.
I know of a successful attack of a network that led to the compromise of 20 million dollars in intellectual property. In this instance the attackers waited patiently "pinging" or checking to see if the firewall was active every five minutes for more than 18 months. During a service release where something wasn't working right, the company that was being monitored thought the firewall might be the problem and took it temporarily offline. During the following 23 minutes, all the intellectual property of the company was stolen.
Intrusion defense solutions:
Pressure from partners, vendors, travelers, telecommuters, and others with the promise of a new ease and speed of doing business have forced companies to open their private networks to 3rd party and other remote connections. Each of these has a unique set of security risks and challenges that are often overlooked.
I couldn't write this paper without making the obvious Trojan horse parallel. But this type of attack (in addition to malware, spyware, and other programs) has literally exploded recently. These attacks can permit remote attackers to do anything from keystroke logging to full remote control and are now commonplace. Combine this with peer-to-peer applications, instant messaging, and malware sites, and now your employees become the largest liability you have.
Learn more about intrusion defense.
