MANAGEMENT OF SECURITY IN TCPIIP HOSTS USING DEDICATED MONITORING APPLICATIONS Rui Costa Cardoso and Mano M. Freire Networks and Multimedia Group, Institute ofTelecommunications- Covilhä Lab Department of Informatics, University of Beira Interior Rua Marques d'Avila e Bolama, P-6200-001 Covilhä, Portugal Abstract: In this paper, we present an approach for detection of vulnerabilities in network systems, using autonomous applications. The main aim is to enable the dynamic, intelligent and autonomous detection of vulnerabilities and exposures in systems and to make it available to network administrators. Our approach will reduce the amount of data sent to network administrators by currently used tools, and therefore present only relevant information preprocessed by our application, which by it self can bring a natural enhancement to the performance ofthe network overall security. Key words: Network Security, Vulnerabilities. 1. INTRODUCTION There are innumerous security problems that arise from the use of networked environments. Today's networks are bigger and complex. There are many elements to manage in a network (hosts, switches and routers). Making every active element of the network secure, it is a sizable task, which is liable to allow security breaches. Moreover, system administrators often found themselves attacked before they even knew the existence of the vulnerability. Hackers often access to that information before the vendors are able to correct the vulnerabilities and it is difficult for network administrator to keep update. There is also lack of skills among system administrators to security tasks. Monitoring for vulnerabilities and security breaches, verify © The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35703-4_21 D. Gaïti et al. (eds.), Network Control and Engineering for QoS, Security and Mobility II IFIP International Federation for Information Processing 2003