Security Basics mailing list archives

Re: fraud detection software for a bank


From: Davin Enigl <davinenigl () comcast net>
Date: Thu, 18 Oct 2012 07:45:31 -0700

It's not as simple as an "Open Source" solution. This is a complex subject.
It's best to hire a "large" (known) professional firm with a proven
reputation that specialises in this area. Detection and prevention are
expensive and time-consuming.

Please read the following (or the equivalent): The CERT Guide to Insider
Threats: How to Prevent, Detect, and Respond to Information Technology
Crimes (Theft, Sabotage, Fraud) (SEI Series in Software Engineering) by
Cappelli, Moore, and Trzeciak.

For instance, SNORT-like IPS can be used to detect exfiltration. SELinux
can be used to create Mandatory Access Control. Hardware Security
Modules can be used for access to high value servers. Yubikeys and SHA-2
hashing provide non-repudiation of user activity in audits of user logs.
Firewall logs can be reviewed. Wireshark can look at all data streaming
over a network that is not encrypted. Even then, you can use a MITM
proxy to look at the encrypted data before (and as) it goes out. There
are so many things you can do, it's ridiculous.
