Security Network Intrusion detection system (IDS) - Essay Example


Network Intrusion Detection System
Introduction
Intrusion detection and prevention is vital when it comes to a network's security. A network intrusion detection system (NIDS) keeps a check on the network traffic, signals when it encounters a security breach, a malicious activity or an attack, and obstructs the source IP address from accessing the network. A case study is discussed below, along with the important actions that become necessary in case of a network intrusion.
Case Study
If I get an alert from the IDS telling me that somebody is trying to connect repeatedly to port 3389 of my computer at 192.168.2.124 and the mouse pointer starts moving by itself, I would carry out the following steps.
1) The first and foremost thing is to keep a grip on one's mental approach. I would try to stay composed and relaxed rather than panicking, and I would analyze the whole situation with a cool mind. Whenever a network is established, problems like these are likely to occur, and companies always have a well-organized solution for them. So there is no need to be horrified.
2) In such a situation, it becomes important to isolate the affected computer immediately. An affected machine on a network can cause all other machines on that network to be affected. I would unplug the cable and so disconnect the affected computer from both the internet and the network. This way, the intruder will not be able to access the machine, nor will he be able to attack other computers on the network by means of the affected one.
3) I would block port 3389 temporarily. TCP port 3389 is the default port for the Remote Desktop Protocol (RDP), which enables a user to connect to a computer on a network. I would find out whether a VPN (virtual private network) had been established to protect the RDP traffic on port 3389. I would make arrangements for the establishment of a site-to-site VPN tunnel before reconnecting the computer to the network, so as to secure the RDP traffic from Address Resolution Protocol (ARP) poisoning (Savill, 2008). Further investigations include: Were there passwords and sensitive information saved on the computer, such as ISP access passwords? These must be changed at once. How long has the intrusion gone undetected? The chances of other computers on the network being affected increase with the time the affected one keeps working on the network. I would investigate whether the computer had updated anti-virus and desktop firewall software installed. I would make backups of all sensitive information and format the operating system. Then, I would reload the sensitive information from the backup files while scanning them for viruses.
4) Whenever a security breach like this occurs, the network administrator is the first to be informed. However, it is also important to inform all the operators who are dealing with the network.
5) It would be necessary to review the firewall and IDS logs to get an idea of whether there was a problem with the firewall and IDS settings. I would see whether the operating system of the affected computer hosted the firewall module station, which “is a key part to securing the firewall” (Spyders Inc., 2007). I would check the IDS logs to determine whether the security needs were being met. I would check whether there was a software firewall installed on the computer in combination with a hardware firewall connected to the modem, because using the combination not only blocks unwanted attacks from outside but also stops malware from getting out if the system becomes infected (DIY Online Security, 2007).
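The log review in step 5 and the "how long has the intrusion gone undetected?" question in step 3 can be worked through on a firewall log, as in this added example (not part of the original essay). The log layout, the source addresses, the sample lines and the threshold are constructed assumptions; only the host 192.168.2.124 and port 3389 come from the case study.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the style of a Windows Firewall log
# (date time action protocol src-ip dst-ip src-port dst-port size).
# The external source uses the 203.0.113.0/24 documentation range.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
2024-03-01 09:14:02 DROP TCP 203.0.113.50 192.168.2.124 51012 3389 52
2024-03-01 09:14:05 DROP TCP 203.0.113.50 192.168.2.124 51013 3389 52
2024-03-01 09:14:09 DROP TCP 203.0.113.50 192.168.2.124 51015 3389 52
2024-03-01 09:14:20 ALLOW TCP 203.0.113.50 192.168.2.124 51020 3389 52
2024-03-01 09:15:00 ALLOW TCP 192.168.2.10 192.168.2.124 49800 445 60
2024-03-01 11:30:41 ALLOW TCP 192.168.2.77 192.168.2.124 50001 3389 52
"""

def review_rdp_attempts(log_text, host="192.168.2.124", port=3389,
                        threshold=3, window=timedelta(minutes=1)):
    """Summarise inbound connections to host:port per source address."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if line.startswith("#") or len(fields) < 8:
            continue  # skip the header and malformed lines
        date, time, action, proto, src, dst, _sport, dport = fields[:8]
        if proto != "TCP" or dst != host or dport != str(port):
            continue
        when = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
        events[src].append((when, action))

    report = {}
    for src, hits in events.items():
        hits.sort()
        times = [t for t, _ in hits]
        # "Repeated" = at least `threshold` attempts inside any one window.
        repeated = any(
            sum(1 for t in times[i:] if t - start <= window) >= threshold
            for i, start in enumerate(times)
        )
        allowed = [t for t, a in hits if a == "ALLOW"]
        report[src] = {
            "attempts": len(hits),
            "first_seen": times[0],
            "repeated": repeated,
            # Earliest connection the firewall let through, if any.
            "first_allowed": allowed[0] if allowed else None,
        }
    return report

if __name__ == "__main__":
    for src, info in review_rdp_attempts(SAMPLE_LOG).items():
        print(src, info)
```

A source marked `repeated` with a non-empty `first_allowed` is the one to compare against the IDS alert time, since the gap between the two bounds how long the connection went unnoticed.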
Conclusion
To sum up, it is very important to isolate the affected computer from the network and then determine what made the intrusion possible by reviewing the firewall and IDS logs and the anti-virus updates, and to investigate any serious concerns.
References
DIY Online Security. (2007). Isolate your computer system from the internet. Basic Computer Security. Retrieved from http://www.diyonlinesecurity.co.uk/base/bcs/isolate.html
Savill, J. (2008, February 04). The dangers of using RDP without a VPN. WindowsIT Pro. Retrieved from http://windowsitpro.com/article/articleid/98208/the-dangers-of-using-rdp-without-a-vpn.html
Spyders Inc. (2007). Firewalls with Application Intelligence. Security Solutions. Retrieved from http://www.spyders.ca/firewall.php#