I'm designing an IDS for my company, Linux and Windows. There are many tools for implementing this architecture over network and host. I advise you to search for hacking tools and do ethical hacking (port scanning, exploits, sniffers, network traffic analyzers, etc.).

You should search for them at:

www.sourceforge.net
www.freshmeat.net

-----Original Message-----
From: Derrick Lewis [mailto:dlewis@linuxsecurity.com]
Sent: Monday, August 19, 2002 10:00
To: security-discuss@linuxsecurity.com
Subject: Intrusion Detection System Implementation (Proposal)

I am doing research on possible Intrusion Detection System Implementation for a friend of mine who sent me an RFP (Request For Proposals). The RFP involves assisting XYZ company in its HIPAA Program remediation planning and implementation as a result of the mandated Health Insurance Portability and Accountability Act of 1996 (HIPAA) requirements. Some of the RFP is clipped below.

I wanted to know if anyone on the list has had any experience doing such a task? If so, can you point me to resources that would assist me in completing this task?

Thanks.

-D

Objective 3: Intrusion Detection System Implementation

Implement a Host and Network based Intrusion Detection System (IDS) that will monitor activities on the servers and network. If unwanted activity is detected, an event notification would be sent to the appropriate person.

Intrusion Detection System Implementation Deliverables:

-Develop detailed project plan and timelines for project management.
-Develop a Strategy and Requirements document. This document should include Business Requirements, Technical Requirements, ROI analysis and in-source vs. out-source analysis.
-Perform a risk and needs analysis to determine what type (network based, host based, etc.) of IDS and how many.
-Identify intrusion detection technologies that would best work for XYZ Company's model.
-Develop an RFP based on the previous steps to purchase an IDS product.
-Periodically test the effectiveness of the IDS over the next several quarters by performing a planned and staged hack of the network.
-Identify the policies and procedures that will be needed to support IDS implementation.

--
Derrick Lewis
Assistant Site Manager
LinuxSecurity.com
(201) 934-9230
"The Linux Community's Center for Security."
dlewis@linuxsecurity.com
http://www.linuxsecurity.com

------------------------------------------------------------------------
To unsubscribe email security-discuss-request@linuxsecurity.com
with "unsubscribe" in the subject of the message.