Security Alerts and How to Bypass

Printable View

June 11th, 2003, 07:54 PM
jhollings

Security Alerts

I was talking to a friend who is a network professional. He told me that his systems where impenetrable. He went on to say that the second that a "hacker" enters the system pages him. I'm wondering if any one can tell me more about that feature. -JHollings
June 11th, 2003, 08:28 PM
snow_crash

THIS IS NOT WHAT THIS SITE IS ABOUT!

And further, there is probably no way to disable the page from reaching your "friend" if he knows what he is doing. The moment a remote IP enters the system, he is probably made aware of it, unless he has pre-authorized it.

That is all. I would suggest deleting your post before you get negged.
June 11th, 2003, 08:32 PM
MemorY

i think he just configured a firewall to send the information to him whenever a break-in is detected ...
June 11th, 2003, 08:41 PM
jhollings

Snow,
Ever heard of Network Penetration Testing? Just wondered there. No need to attack people for trying to find things out. -Jhollings
June 11th, 2003, 08:48 PM
DjM

I have configured my Intrusion Detection Systems to do exactly the same thing for me. To disable it you would have to hack the IDS, which is a catch 22 because as soon as you try, I am going to be paged. The other way would be to have physical access to my IDS and modify them from within my network, also not likely going to happen as you would likely have to social engineer me to get the access, and I am getting to old to fall for that.

Cheers:
June 11th, 2003, 08:53 PM
Maverick811

Re: Security Alerts and How to Bypass

Quote:

Originally posted here by jhollings
I was talking to a friend who is a network professional. He told me that his systems where impenetrable. He went on to say that the second that a "hacker" enters the system pages him. I'm wondering if there is a way to disable that from the outside and/or if any one can tell me more about that feature. -JHollings

Let me go on the record here and say that no system, network, etc, is impenetrable. I'm a firm believer that there is always a way in, no matter how long it may take to find it. Stating that a system is impenetrable is a ridiculous statement.

He's probably using a Intrusion Detection System (IDS) that alerts him when it detects an attacker. Snort is an example of an IDS. As far as disabling it from the outside, I guess that would depend of the IDS he has running, etc. EDIT: Djm made a good point about disabling an alert from the outside..

Remember, a firewall, IDS, etc is only as good as it's configuration files.. You could have the best, most impenetrable firewall on the market, but if you configure it wrong, you're screwed...
June 12th, 2003, 05:01 PM
jhollings

Thanks Guys you have been of help to me. I will do some reading on IDS systems... -Jhollings