IDS: What is not an IDS?, Infrastructure of IDS, Classification of IDS, Host-based IDS, Network-based
IDS, Anomaly vs Signature Detection, Normal Behavior Patterns - Anomaly Detection, Misbehavior Signatures -
Signature Detection, Parameter Pattern Matching, Manage an IDS.
Malicious Software, Safeguards, Firewalls, Packet-Filtering Firewalls, Stateful Inspection Firewalls,
Proxy Firewalls, Guard, Personal Firewalls, Limitations of Firewalls.
Components of IDS
[Figure: components of IDS. Labels: Analysis; Storage; Events]
15CS62T Page 1 of 10
3 – Intrusion Detection System and Firewalls 10 [30]
Type of Attacks
1. Active Attack
2. Passive Attack
Infrastructure of IDS
[Figure: infrastructure of IDS. Labels: Prevention; Simulation; IDS Tasks; Intrusion Monitoring; Protected Systems; Monitoring; Analysis; Notification; Intrusion Detection; Additional IDS Infrastructure; Response; Notification; Response]
Refer given QA’s….
Classification of IDS
[Figure: classification of IDS. Labels: Intrusion Detection Sys; Online; Offline]
Firewalls
Firewall History
There are some firewalls which are able to detect viruses, Trojans,
worms and spyware etc.
Limitations of firewall
1. The main disadvantage of a firewall is that it cannot protect the
network from attacks that originate inside it. Firewalls often cannot
protect against an insider attack.
2. Firewalls cannot protect a network or PC from viruses, Trojans, worms
and spyware which spread through flash drives, portable hard disks,
floppy disks, etc.
Firewall vs. IDS

Firewall: A firewall is hardware and/or software which functions in a networked environment to block unauthorized access while permitting authorized communications.
IDS: An Intrusion Detection System (IDS) is a software or hardware device installed on the network (NIDS) or host (HIDS) to detect and report intrusion attempts to the network.

Firewall: Firewalls are the most visible part of a network to an outsider. Hence, they are more vulnerable to being attacked first. (A gateman will be the first person attacked by a thief!!)
IDS: IDS are very difficult to spot in a network (especially in the stealth mode of IDS).