StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Security Network Intrusion detection system (IDS) - Essay Example

Cite this document
Summary
A network intrusion detection system (NIDS) keeps a check on the network traffic, signals when it encounters a security breach, a malicious activity or an attack, and obstructs the source IP…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER95.2% of users find it useful
Security Network Intrusion detection system (IDS)
Read Text Preview

Extract of sample "Security Network Intrusion detection system (IDS)"

Network Intrusion Detection System Introduction Intrusion detection and prevention is vital when it comes to a network’s security. A network intrusion detection system (NIDS) keeps a check on the network traffic, signals when it encounters a security breach, a malicious activity or an attack, and obstructs the source IP address from accessing the network. Below is discussed a case study and important actions which become necessary in case of network intrusion.Case Study If I get an alert from the IDS telling me that somebody is trying to connect repeatedly to port 3389 of my computer at 192.168.2.

124 and the mouse pointer starts moving by itself, I would carry out the following steps. 1) The first and foremost thing is to have a grip upon the mental approach. I would try to stay composed and relaxed rather than getting panicked. I would analyze the whole situation cool mind. Whenever a network is established, problems like these are likely to occur and companies always have a well organized solution for this. So, there is no need to get horrified. 2) Under such a situation, it becomes important to isolate the affected computer immediately.

An affected machine on a network can cause all other machines on that network to be affected. I would unplug the cable and then disconnect the affected computer both from the internet and the network. This way, the intruder will not be able to have an access to the machine nor will he be able to attack other computers on the network by means of the affected one. 3) I would block the port 3389 temporarily. TCP port 3389 is the Remote Desktop Protocol (RDP) that enables a user to connect to a computer on a network.

I will find out if VPN (virtual private network) had been established to protect the RDP or port 3389 traffic. I would make arrangements for the establishment of site-to-site VPN tunnel before reconnecting the computer to the network so as to secure the RDP traffic from Address Resolution Protocol (ARP) poisoning (Savill, 2008). Further investigations include: Were there passwords and sensitive information saved on the computer like ISP access passwords? These must be changed at once. How long has the intrusion gone undetected?

The chances of co-computers on the network being affected increase with the time the affected one keeps on working on the network. I would investigate if the computer had updated anti-virus and desktop firewall software installed. I would make backups of all sensitive information and format the operating system. Then, I will reload the sensitive information from backup files while scanning them for viruses.4) Whenever a security breach like this occurs, the network administrator is the first to be informed.

However, it is important to inform all the operators who are dealing with the network.5) It would be necessary to have a review of firewall and IDS logs so as to have an idea if there was a problem with firewall and IDS settings. I would see if the operating system of the affected computer hosted the firewall module station which “is a key part to securing the firewall” (Spyders Inc., 2007). I would check the IDS logs to make sure that the security needs were being met or not. I would check whether or not there was a software firewall installed on the computer in combination with a hardware firewall connected to the modem because using the combination not only blocks unwanted attacks from outside but also stops malware from getting out if the system becomes infected (DIY Online Security, 2007).

ConclusionTo sum up, it is very important to get the affected computer isolated from the network and then have it checked as to what caused the intrusion possible by reviewing the firewall, IDS logs and anti-virus updates, and investigation about serious concerns should be carried out.ReferencesDIY Online Security. (2007). Isolate your computer system from the internet. Basic Computer Security. Retrieved from http://www.diyonlinesecurity.co.uk/base/bcs/isolate.htmlSavill, J. (2008, February 04).

The dangers of using RDP without a VPN. WindowsIT Pro. Retrieved from http://windowsitpro.com/article/articleid/98208/the-dangers-of-using-rdp-without-a-vpn.htmlSpyders Inc. (2007). Firewalls with Application Intelligence. Security Solutions. Retrieved from http://www.spyders.ca/firewall.php#

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Security Network Intrusion detection system (IDS) Essay”, n.d.)
Security Network Intrusion detection system (IDS) Essay. Retrieved from https://studentshare.org/miscellaneous/1560362-security-network-intrusion-detection-system-ids
(Security Network Intrusion Detection System (IDS) Essay)
Security Network Intrusion Detection System (IDS) Essay. https://studentshare.org/miscellaneous/1560362-security-network-intrusion-detection-system-ids.
“Security Network Intrusion Detection System (IDS) Essay”, n.d. https://studentshare.org/miscellaneous/1560362-security-network-intrusion-detection-system-ids.
  • Cited: 0 times

CHECK THESE SAMPLES OF Security Network Intrusion detection system (IDS)

Network Intrusion Detection Systems

intrusion detection system detects and protects the network system from threats and attacks.... It is mandatory for the network systems to install an intrusion detection system to easily manage the attacks and resolve the issues.... According to Mun the intrusion detection system works well only if the system is selected based on the type of network.... The intrusion detection system must be selected to suit the network.... network intrusion detection systems are widely used and they are one of the major component in a network....
5 Pages (1250 words) Essay

Intrusion detection systems

IDS is the short form for the intrusion detection Systems.... IDS is the short form for the intrusion detection Systems.... In fact there are a host of different kinds that come under the ids heading… Moreover,coming to the point of these manipulations which occur in the first place,we discern that these are the usual attacks that are carried out by the hackers who are skilled and quite adept at their work and even at times,script kiddies do play these tricks whereby they make use of the automated scripts to achieve their objectives....
8 Pages (2000 words) Essay

Wireless Intrusion Detection Systems

He explains the intrusion methods, need for wireless intrusion detection system and as well identify the rewards and problems of wireless intrusion detection systems.... In the paper “Wireless intrusion detection Systems” the author analyzes security and detection of possible threats to wireless networks.... Usually, this is done as a hobby and such hobbyists may combine the data with Global Positioning system (GPS) information to generate geographic maps of wireless networks in the area and their configurations....
4 Pages (1000 words) Essay

Intrusion Detection

The accomplishment of the intrusion detection system or IDS offers a great advantage for the detection of the possible security concerns and attacks on time and effective handling of these concerns (Sans, 2009).... An intrusion detection system or IDS is hardware and software based system to identify unwanted efforts at accessing, disabling or manipulating computer systems, mostly in the course of a network, such as the Internet.... An intrusion detection system is also utilized to identify numerous forms of malicious behaviors that are able to compromise the security as well as trust of a computer system....
2 Pages (500 words) Essay

IDS Policy Parameters and Network Intrusion

network intrusion detection.... Evaluating network intrusion detection Signatures, Part One.... intrusion detection includes an extensive collection of methods that differ on several axes.... The main aim and objective of this policy is to offer procedures to set up security monitoring and intrusion detection to defend business resources as well as data on the organizational network.... Introduction to intrusion detection Systems (IDS)....
2 Pages (500 words) Essay

A Network Intrusion Detection System and Security Attacks

The paper "A network intrusion detection system and Security Attacks" gives detailed information about the mark IDS technique, a system based interruption recognition framework.... A network intrusion detection system monitors networks for intrusions and attacks reporting any anomalies to the administrator.... hellip; intrusion detection has become an important sector.... intrusion detection systems (IDS) can effectively provide network security by preventing, detecting, and possibly fighting attacks....
7 Pages (1750 words) Assignment

Purpose of Intrusion Detection and Detection Techniques

According to Sundaram (1996) “an automatic intrusion detection that performs automated intrusion detection is acknowledged as an IDS or intrusion detection system” (Sundaram, 1996).... An intrusion detection system can be either network-based, in the host-based it checks system logs or calls, or network-based if it observes network packets flow during the commutation.... urpose of IDSs and Detection TechniquesAccording to Bradley (2009), an intrusion detection system is an application or device utilized to scrutinize the entire network traffic as well as alert the administrator or user when there has been an illegal effort or access....
5 Pages (1250 words) Coursework

A Network-Based Intrusion Detection System for ACME Software Solutions

… The paper “A Network-Based intrusion detection system for ACME Software Solutions” is a motivating variant of a lab report on information technology.... The paper “A Network-Based intrusion detection system for ACME Software Solutions” is a motivating variant of a lab report on information technology.... The networks main element will encompass the following: Firewall; NIDS (Network-based intrusion detection system); Web Server; Database Server; and installation....
13 Pages (3250 words) Lab Report
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us