June 17th, 2002, 01:40 PM
NEWS: Entercept hardens anti-hacker blockades
Server and operating system security house Entercept Security Technologies has bolstered its intrusion-prevention software to provide protection against the latest hacking techniques, putting a stop to the Return into Libc buffer overflow exploit that hackers use to gain root access to machines.
The software works by identifying executable code that comes from unchecked buffers, effectively blocking the code before it can do any damage. Advanced lock-down features known as Vault Mode have also been added. Entercept 2.5 introduces a new level of intrusion prevention by locking critical operating system files and settings.
The system can be used to adjust security levels as business demands change, allowing administrators to progressively increase the security of systems, from monitoring mode to secure-prevention mode, and finally to vault mode.
Entercept develops server security products that prevent access to server resources to ward off any unauthorized activity. It provides protection beyond the firewall by taking action to stop hacker attacks before they cause damage. The Entercept suite is designed to prevent host computer attacks by providing a driver that operates at the kernel level of an operating system or web server. This intercepts calls and fends off assaults using attack signatures, or known patterns and behavioral rules to pinpoint unusual traffic.
San Jose, California-based Entercept started out as ClickNet Security Technologies and changed its name January 2001 after securing $33m in funding. It said Version 2.5 is now generally available through the company's authorized resellers and partners that include Cisco, Check Point and Netforensics. Priced to start at about $1,295 for each server protected, Entercept 2.5 supports Window NT and 2000 and Solaris 2.6, 2.7, and 2.8.