Network intrusion monitoring and reporting using e-mail and sms

Abstract

The fundamental problem with any security administrators today is its ability to cope with the rising amount of network intrusions. Network security is fast becoming an absolute necessity to protect the information contained on computer systems worldwide. With 40 per cent of the global economy driven bye-business, attacks on networks are becoming more frequent, more varied, and more costly. The need for increased protection of information assets in storage, in transit, and during access has driven companies to look to vendors to provide products that ensure that their privacy is protected. The ever changing network use and operation along with the public concern for protection of sensitive information makes implementing an effective security plan a must. This includes many different pieces of software and hardware working together to provide the desired protection. Network Intrusion Monitoring and Reporting Using Electronic mail and Short Message Service (NIMRUES); an intrusion detection and monitoring system that involves capturing intrusion occurrences in Windows operating system security event log files. Once the intrusion is detected the message is captured and converted from Windows proprietary binary format to plain text format that is send to alert the security administrator through E-mail and SMS. Upon receiving this alert message the administrator will take necessary jaction(s) before serious negative impact is caused. The developed NIMRUES prototype is based on XAMPP server which provides an integrated system of servers i.e. Mercury 32 mail server for sending E-mails, Apache web server for provision of web hosting; the web address http://iocalhost/nimrues.net provides an interface to access error information stored in My SQL database server by use of a web browser software. The retrieval of error messages in the back end (database) is facilitated by use of php scripting which the XAMPP server is able to parse. Java Eclipse has been used integrate SMSLib tools to send errors messages to the security administrators phone before been written to the database.