I'm a newbie who has subscribed to this list for about 5 months. This is
my first post so please be gentle. I've been assigned the task of
researching firewall technologies for my companies products. We have a
NT based WWW product which needs to access a database server (via ODBC)
which will reside behind a firewall. We're basically trying to just be
flexible about security in terms of fitting in with a given customer's
security setup. We have a customer who has a firewall (not sure which
one) running on a Unix box. Their security guy knows the Unix world and
has indicated to us that there is some software running on their Unix box
which can detect if the system is being compromised and do something like
shutdown that connection, log the event, etc. They wanted to know if we
knew of any similar code which could run on the NT box to perform the
same function. This information came to me third hand, so obviously I'm
missing details. For all I know, the software they are talking about is
actually part of the firewall they are running on the Unix box. After
sitting on this list for 5 months and doing additional research on
firewall technology out there, I know that this type of functionality is
incorportated into some of the firewall products out there. I have a
couple of questions:
If this "Compromise Detection" software is, in fact, a separate piece
of code which is not part of the firewall software, is there a
"generic" name for such an animal in the Unix world ?
If there is a generic name for this type of software, does anyone know
if such an animal exists for the NT world ?
Thanks in advance.
Roy Berger
Mission Critical Technologies
|
|
