NIDS

Only available on StudyMode
  • Topic: Intrusion detection system, Network intrusion detection system, Network switch
  • Pages : 9 (2445 words )
  • Published : March 28, 2013
“Network intrusion detection system (NIDS) is an independent platform that identifies intrusions by examining network traffic and monitors multiple hosts. Network intrusion detection systems gain access to network traffic by connecting to a network router, network switch configured for port mirroring, or network tap.”

Akhila Isuranga
44172

Content
1. Overview
1.1 What is Internet Security?
1.2 Intruder
2. Network intrusion detection system (NIDS)
2.1 Signature base detection
2.2 Anomaly detection base
3. Architecture of NIDS
3.1 Component of NIDS
3.2 Sensor placement in NIDS
4. Traffic controlling of a network
5. DMZ – Demilitarized zone.
6. Snort
6.1 What’s snort?
6.2 Architecture of Snort
6.3 Rules content
6.4 Snort download and installation
6.5 Snort configuration
6.6 Traffic capturing

7. Vulnerabilities and Attacks vs. NIDS
8. Capabilities of NIDS monitoring:
9. Disadvantages of NIDS
10. References

1. Overview

1.1 What is Internet Security?
In today’s environment we need to contact each other through networks. Most devices and networks are interconnected with other devices or networks. As a result of this connection you are able to share your files, documents, etc., but to share them you need to connect to a network and to the internet. When you connect to the internet you are taking a risk, because the files or documents you share may be visible to others, or intruders can steal your important files without leaving a single mark. As a result, Internet Security was introduced to protect your system from intruders.

1.2 Intruder
An intruder is a person who tries to connect to your network without your prior permission. There are two types of intruders.
* Insider – an insider is the most dangerous type of intruder. This is a person who has permission to enter your network. Most insiders try to make mischief or steal your files. It is very hard to recognize an insider, because he is in a safe environment and is misusing his privileges.
* Outsider – an outsider is a person from outside your organization who tries to enter your network without your permission. An outsider can be a cracker or a hacker.

2. Network intrusion detection system (NIDS)
Nowadays, a wide variety of unauthorized network accesses, viruses, Trojans, worms and much more threaten network security. For that reason, keeping the network secure and monitored is the primary role of network security. The “network intrusion detection system (NIDS)” was introduced to achieve those security goals. A NIDS sets up secure traffic monitoring in the network in order to identify and handle suspicious activities, which can be an attack on the network or unauthorized operations.

Network intrusion detection systems (NIDS) and host intrusion detection systems (HIDS) are classes of intrusion detection system (IDS) that reach the goals of detecting, securing and reporting suspicious traffic in different ways. A NIDS is used to monitor and analyse the data packets that travel over the network. The monitored traffic is used to reach the aims of the NIDS, such as detecting unauthorized activities, network misuse and the spread of viruses.

In a small network, the NIDS could be linked to a particular switch, hub, router or server. In large computer networks, however, the intrusion detection system should be linked to the network backbone to get effective service from the NIDS. There are two basic NIDS implementation approaches:
* Signature base
* Anomaly detection base
2.1 Signature base detection:
A collection of signatures of known security threats (e.g. DoS attacks, viruses) is used to maintain the NIDS. Each signature characterizes the profile of a threat, which is matched against the data traffic going over the network. When a signature in the collection matches a threat on the network, a security action should be triggered. The actions...
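The matching step described in section 2.1, as an added example that is not part of the original essay: each signature is a small profile (protocol, destination port, payload pattern) checked against every packet, and a hit produces an alert. The `Signature` and `Packet` fields, the ids and the sample traffic are constructed for illustration and are not Snort rule syntax.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Signature:
    sid: int                  # constructed local id, not a real rule id
    msg: str                  # text reported when the signature fires
    proto: str                # "tcp" or "udp"
    dst_port: Optional[int]   # None means any destination port
    content: bytes            # byte pattern searched for in the payload
    nocase: bool = False      # compare case-insensitively

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dst_port: int
    payload: bytes

def matches(sig: Signature, pkt: Packet) -> bool:
    """True when the packet fits the profile the signature describes."""
    if sig.proto != pkt.proto:
        return False
    if sig.dst_port is not None and sig.dst_port != pkt.dst_port:
        return False
    if sig.nocase:
        return sig.content.lower() in pkt.payload.lower()
    return sig.content in pkt.payload

def inspect(sigs: List[Signature], pkts: List[Packet]) -> List[Tuple[int, int, str]]:
    """Return one (packet index, sid, msg) alert per signature hit."""
    return [(i, s.sid, s.msg) for i, p in enumerate(pkts) for s in sigs if matches(s, p)]

# Constructed signature collection and traffic (documentation address ranges).
SIGNATURES = [
    Signature(1000001, "path traversal sequence", "tcp", 80, b"../.."),
    Signature(1000002, "EICAR test string", "tcp", None, b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE"),
    Signature(1000003, "/etc/passwd in request", "tcp", 80, b"/etc/passwd", nocase=True),
]
PACKETS = [
    Packet("192.0.2.10", "198.51.100.5", "tcp", 80, b"GET /index.html HTTP/1.1\r\n"),
    Packet("192.0.2.11", "198.51.100.5", "tcp", 80, b"GET /docs/../../ETC/PASSWD HTTP/1.0\r\n"),
    Packet("192.0.2.12", "198.51.100.9", "tcp", 25, b"attachment: EICAR-STANDARD-ANTIVIRUS-TEST-FILE"),
    Packet("192.0.2.13", "198.51.100.5", "udp", 80, b"../../etc/passwd"),  # no udp signature
]

if __name__ == "__main__":
    for idx, sid, msg in inspect(SIGNATURES, PACKETS):
        print(f"ALERT sid={sid} packet={idx} src={PACKETS[idx].src}: {msg}")
```

The last packet carries the same pattern over UDP and raises no alert, because no signature in the collection describes that profile: a signature-based NIDS only reports what its collection already covers.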