2011 was called the “Year of the Hack” by many bloggers and technical writers. They listed the top 10 hacks of the year and noted how the intrusions are becoming increasingly complex and expensive.
Is this trend behind us?
Of course not. 2012 has proven to be just as good a time as any to launch a full-scale attack on a major corporation, and already several have succeeded, with huge costs to the victims. In some of these successful intrusions, one of the listed reasons for success is inadequate monitoring of sensitive systems. Which makes sense. Why would a thief walk into a bank in broad daylight with cameras, alarms, and guards standing around, when he can just go around the corner to the much less monitored small business? Not only are systems with little or no monitoring easier to attack, but they also make great candidates for repeat business. In today’s world, having solid monitoring systems is not optional.
What is needed in a Security Monitoring Solution?
This seemingly complex question really comes down to a simple answer – we need to see and analyze traffic entering the network from the world, as well as traffic to key systems where sensitive data resides, watching for suspicious conversations, connection attempts, or data transfers. This includes access through the wireless environment. The best analysis systems will watchdog these connections and automatically monitor for security events, alerting engineers if something occurs.
What analyzers are needed to monitor the network?
These are just a few of the tools that are needed for a security solution. Sound expensive? Well, compare that to an attack! Monitoring and protecting key systems is the same as monitoring and protecting the business. So don’t be easy prey for attackers; invest in tools that will help to secure and watchdog the network and servers.
Author Profile - Chris Greer is a Network Analyst for Packet Pioneer. Chris has many years of experience in analyzing and troubleshooting networks. He regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. When he isn’t hunting down problems at the packet level, he can be found teaching various analysis workshops at Interop and other industry trade shows. Chris also delivers training and develops technical content for several analysis vendors. He can be contacted at chris (at) packetpioneer (dot) com.