The Inner Workings of an IDS

The main purpose of an IDS is to detect an attack and alert an administrator about it. The administrator can then determine, based on the information received from the IDS, what action to take.

An IDS functions in the following way:

  • The IDS monitors network activity for anomalies, that is, traffic patterns or behaviors that may indicate an attack or other malicious activity, and compares what it sees against the signatures it has on record. If the activity matches a stored signature or the pattern of a known attack, the IDS reports it to an administrator, who decides what to do. Depending on how the IDS is configured, it can also take additional actions when it raises an alert, such as sending a text message, paging someone, or sending an e-mail.
  • If the packet passes the anomaly stage without a match, stateful protocol analysis is done. Here the IDS tracks the state of each connection and compares the observed protocol exchange with the expected, benign behavior of that protocol, so traffic that matches no signature but violates the protocol's normal sequence of operations (for example, application data sent on a TCP connection that never completed its handshake) can still be flagged.
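The following is an added example illustrating the two stages described above, not code from the original text or from any real IDS product. It feeds a constructed sequence of packets through a toy detector: stage one matches each payload against a small list of hypothetical signatures (the rule names and patterns are assumptions written in the spirit of Snort/Suricata content rules), and a packet that passes that stage goes on to stage two, a minimal stateful check that tracks the TCP handshake per flow and flags application data on a connection that was never established. The notify callback stands in for whatever action the administrator has configured (e-mail, pager, text message).

```python
import re
from dataclasses import dataclass


# Constructed sample packets for this example; not captured traffic.
@dataclass
class Packet:
    src: str
    dst: str
    sport: int
    dport: int
    flags: frozenset          # TCP flags, e.g. {"SYN"}, {"SYN", "ACK"}, {"PSH", "ACK"}
    payload: bytes = b""


# Hypothetical signatures in the spirit of Snort/Suricata content rules (assumed, not real SIDs).
SIGNATURES = [
    ("SIG-1 directory traversal", re.compile(rb"\.\./\.\./")),
    ("SIG-2 /etc/passwd request", re.compile(rb"/etc/passwd")),
    ("SIG-3 shell command in URI", re.compile(rb"[;|]\s*(?:cat|id|wget)\b")),
]


@dataclass
class Alert:
    stage: str        # "signature" or "stateful"
    flow: tuple
    message: str


class IDS:
    """Two-stage detection: signature matching, then stateful protocol analysis."""

    def __init__(self, notify):
        self.notify = notify   # how the administrator is told (e-mail, pager, SMS, ...)
        self.flows = {}        # flow key -> TCP connection state
        self.alerts = []

    @staticmethod
    def flow_key(p):
        # Order the endpoints so both directions of a connection share one key.
        a, b = (p.src, p.sport), (p.dst, p.dport)
        return (a, b) if a <= b else (b, a)

    def _track_flow(self, p):
        """Minimal TCP handshake state machine; returns the flow's state after this packet."""
        key = self.flow_key(p)
        state = self.flows.get(key, "NEW")
        if "RST" in p.flags or "FIN" in p.flags:
            state = "CLOSED"
        elif "SYN" in p.flags and "ACK" not in p.flags:
            state = "SYN_SENT"
        elif "SYN" in p.flags and state == "SYN_SENT":
            state = "SYN_RECEIVED"
        elif "ACK" in p.flags and state == "SYN_RECEIVED":
            state = "ESTABLISHED"
        self.flows[key] = state
        return state

    def _stage_signature(self, p):
        """Stage 1: compare the payload with every signature on record."""
        hits = [name for name, rx in SIGNATURES if rx.search(p.payload)]
        for name in hits:
            self._raise("signature", p, f"matched {name}")
        return bool(hits)

    def _stage_stateful(self, p, state):
        """Stage 2: application data is only legitimate once the handshake has completed."""
        if p.payload and state != "ESTABLISHED":
            self._raise("stateful", p, f"payload on flow in state {state} (no completed handshake)")

    def _raise(self, stage, p, message):
        alert = Alert(stage, self.flow_key(p), message)
        self.alerts.append(alert)
        self.notify(alert)     # the administrator decides what to do with it

    def process(self, p):
        state = self._track_flow(p)       # always update state so later packets are judged correctly
        if self._stage_signature(p):
            return                        # already reported; stage 2 is skipped
        self._stage_stateful(p, state)    # packet passed the signature stage


def run_demo():
    """Feed a constructed packet sequence through the IDS and return the alerts raised."""
    notifications = []
    ids = IDS(notify=lambda a: notifications.append(f"[{a.stage}] {a.message}"))
    C, S = "10.0.0.5", "10.0.0.80"   # assumed client and server addresses
    packets = [
        Packet(C, S, 40000, 80, frozenset({"SYN"})),
        Packet(S, C, 80, 40000, frozenset({"SYN", "ACK"})),
        Packet(C, S, 40000, 80, frozenset({"ACK"})),
        Packet(C, S, 40000, 80, frozenset({"PSH", "ACK"}), b"GET /index.html HTTP/1.1\r\n"),
        Packet(C, S, 40000, 80, frozenset({"PSH", "ACK"}), b"GET /../../etc/passwd HTTP/1.1\r\n"),
        # A second host sends data without ever completing a handshake.
        Packet("10.0.0.9", S, 41000, 80, frozenset({"PSH", "ACK"}), b"GET /admin HTTP/1.1\r\n"),
    ]
    for p in packets:
        ids.process(p)
    return ids.alerts


if __name__ == "__main__":
    for a in run_demo():
        print(a.stage, a.flow, a.message)
```

Running the demo raises three alerts: two from the signature stage for the traversal request (it hits both SIG-1 and SIG-2) and one from the stateful stage for the second host, whose request carries data on a flow that is still in state NEW. The benign GET on the established connection passes both stages, which is the point of running them in sequence: the signature stage catches what is already known, and the stateful stage catches what merely misbehaves.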