port80 Launches Version 2 of serverM Host-Based Intrusion Detection System
port80 (http://www.port80.com) has released version 2 of its popular host-based intrusion detection system. Capable of detecting a wide range of suspicious events on the Windows server platform, serverM is already proving an invaluable resource for defending internet-connected servers from hacker, script-kiddies, and threats from within the security perimeter.
serverM is unlike other host-based IDSs in that it provides an ‘open’ rules language, with a community of users exchanging new rules and signatures as the level of attacks rises. Rules definitions are easily exported and imported into serverM enabling the security community to cooperate on detecting attacks.
Rather than concentrating on specific attack signatures, serverM is capable of reacting to behaviour which is symptomatic of malicious misuse of computers.
With version 2, port80 has provided serverM with greater control over rule definitions with timed rules, and more finely grained rule constraints. SQL database alarm logging has been added, and a new real-time HTML reporting tool is now available.
port80 doesn’t believe in the growing trend in ‘point and click’ security products, and with an open rules language, and transparent rule definitions, security professionals can see exactly how their detection rules work, and adjust them to more effectively shadow their existing security policy.
Information on port80.com
port80 is a UK based internet consultancy company which has been offering corporate clients with internet security and process management advice for over 8 years. With past and present clients including Apple Computers INC, Toshiba, Alliance Unichem PLC, Axa Insurance, Woolworths PLC, and many others, port80 has gained a reputation for no-nonsense consultancy, and innovative solutions.
See http://www.port80.com for further information.