Database HIPS/HIDS

From: Fergus Brooks (fergusb_at_evolve-online.com)
Date: 08/28/03

  • Next message: klaus.dombrofsky_at_degussa.com: "IDS and portscan-detection" 
    To: <focus-ids@securityfocus.com>
Date: Thu, 28 Aug 2003 15:18:09 +0800

    Hi all,

    Can anyone tell me about good products & practices for analysing
    specifically database traffic for threats and potentially acting on
    them? I am interested in all major database products and platforms.

    Asides from the standard HIDS offerings. For this assume that users on
    the same network as the database/s in question are not trusted.

    Thanks and regards...

    ___________________________________________
    Fergus Brooks - Senior Security Consultant
    Evolution Security Systems Asia
    fergusb at evolve-online dot com
    www.evolve-online.com

    ___

    Confidentiality: This e-mail and its attachments are intended for the
    above named only and may be confidential. If they have come to you in
    error you must take no action based on them, nor must you copy or show
    them to anyone; please reply to this e-mail and highlight the error.

    Security Warning: Please note that this e-mail has been created in the
    knowledge that Internet e-mail is not a 100% secure communications
    medium. We advise that you understand and observe this lack of security
    when e-mailing us.

    Viruses: Although we have taken steps to ensure that this e-mail and
    attachments are free from any virus, we advise that in keeping with good
    computing practice the recipient should ensure they are actually virus
    free.

    ______________________________________________

     

    ---------------------------------------------------------------------------
    Attend Black Hat Briefings & Training Federal, September 29-30 (Training), October 1-2 (Briefings) in Tysons Corner, VA; the world’s premier
    technical IT security event. Modeled after the famous Black Hat event in
    Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
    Symanetc is the Diamond sponsor. Early-bird registration ends September 6 Visit: www.blackhat.com
    ---------------------------------------------------------------------------

  • Next message: klaus.dombrofsky_at_degussa.com: "IDS and portscan-detection"

    Relevant Pages

    • Re: Best Practice for SQL Server security
      ... best practices ... before our creation and the security is our first area of concern. ... there is a .NET 1.1 COM layer that handles all database ...
      (microsoft.public.sqlserver.security)
    • Best practise for SQL Server 2000 Security
      ... Who can give me a simple checklist to follow (best practices for security) ... right after installing a server or a database, ... I'm using books to teach myself about SQL Server, ...
      (microsoft.public.sqlserver.security)
    • Re: setting a password on a button on the switchboard
      ... Could you send me the sample database for the fourth option (4. ... > Security in an Access database can probably be broken down into two big ... > points about being easier than User Level Security, ... > What type of data are you trying to protect? ...
      (microsoft.public.access.forms)
    • Re: access 2003
      ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
      (microsoft.public.access.conversion)
    • Re: access 2003
      ... security in access 2003. ... The data will go on the server and the program database ... than the alternative of creating an mde file. ... MDW file from the written record. ...
      (microsoft.public.access.conversion)