McAfee Aims to Prevent Linux Attacks

McAfee is looking to help protect against what it calls a dramatic increase of attacks on Linux systems. The company's Entercept intrusion prevention system -- already available for Windows and Solaris -- uses a combination of behavioral rules, signatures and a firewall to protect IT infrastructure from attack.

The security software maker ported the Entercept server agent to Red Hat Enterprise Linux 3 because of what it considers to be a rapid rate of adoption for the open source platform. McAfee says that as Linux is more broadly installed, attacks against it have increased with more exploits targeting Web-facing Linux applications.

According to McAfee, attacks against Linux applications have risen dramatically. McAfee points to security bulletins found at Secunia as evidence, deeming it, "one of the most reliable sources we use for vulnerability awareness."

McAfee has mapped out extending support to other Linux distributions beyond Red Hat. Explaining why Red Hat was the first Linux distribution to be supported, Dan Wolff, the senior product marketing manager for Entercept, said, "Red Hat is the most prominent platform in use by our customers at this time."

McAfee claims that it is the only vendor to combine both behavioral rules and intrusion prevention signatures. As previously reported by BetaNews Entercept for Linux was available in beta form in March.

The retail release will be available through McAfee direct sales and channel partners on June 16, 2005. Existing McAfee customers will be able to procure Entercept for Linux under the terms of their maintenance agreement with McAfee.

More information on Entercept is available at McAfee's Web site.