Re: Good logging and real-t

Yalda Mirzai (Yalda.Mirzai@amgen.com)
20 Nov 1995 11:00:58 U

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Dr. Frederick B. Cohen: "Re: I got an intruder ..."
Previous message: Pamela Hovland: "introduction"
Next in thread: Doug Hughes: "Re: Good logging and real-t"

        Reply to:   RE>>Good logging and real-time alert tools ?

Andy,

Is this product truly "real-time"? How does it intercept unauthorized
activity?

In my search for "real-time" security products, I have found that most
products are simply "after the fact" security reporting tools.

Also, these products either took the approach of replacing operating system
command files or altering the UNIX Kernel to include security features. As
you probably agree, there are drawbacks to both approaches.

I recently found a product called SeOS from Memco. Their approach is to
redirect kernel pointers to tables that contain security rules and access
permissions. By the way, these tables are encrypted. Also, you can track
users even if they have changed their indentity to root or superuser. It also
has a GUI for administration purposes.

If "Security Manager" addresses security challenges in this fashion, I can
have my people evaluate it.

Regards,

Yalda Mirzai
ymirzai@amgen.com
__________________________________________________________
Consistency is the last refuge of the unimaginative.   -Oscar Wilde
(1854-1900)
Amgen 

[Quoted Article Removed]

Next message: Dr. Frederick B. Cohen: "Re: I got an intruder ..."
Previous message: Pamela Hovland: "introduction"
Next in thread: Doug Hughes: "Re: Good logging and real-t"