Intrusion Security
A software application or a device that monitors network and system activities for any policy violations or malicious activities and produces the necessary reports to the management station is referred to as a Intrusion. Detection system. Various systems will opt to reject any intrusion but this should not be the case with a monitoring system.
Prevention system and intrusion detection are mainly focused on identifying incidents, reporting attempts and logging information about them. Some companies use IDPSes for different purposes including documenting existing threats,stopping people from violating security policies and identifying issues with security policies.
Most organization are finding it very important to add IDPSes to their security infrastructure. IDPSes normally record details regarding observed events,they then notify the admin about any security incident that has been observed and finally produces a report.
Most IDPSes can also respond to a security threat by deterring it from progressing to the next stage. IDPSes normally use several response attacks to deal with the detected threat.
The IDPSes may stop the attack from succeeding or it could respond by changing the security environment or by changing the security content. In some cases the Intrusion Detection system may respond to malicious or anomalous traffic by taking strict actions such as blocking the source IP address or the use from accessing the network.
This means that the user will not be able to access any information that he had stores on the device. IDS come in different approaches all of which target suspicious traffic and use various methods to stop it from progressing. There are host based (HIDS) and network based( NIDS) intrusion detection systems. Some IDS detect the malicious threat by detecting its signature the same way an anti virus software works when detecting the malware.
Other IDS types work by comparing different patterns to a baseline and checking for anomalies. Some IDS just monitor and alert about a specific threat while others perform the action.
Network IDS are normally placed at a specific point on the network so as to detect any malicious traffic to and from any device or system that is on the network.
Ideally you can easily scan the outbound and inbound traffic but it will make your network more slower and therefore it is recommendable for you to use this system.
Host intrusion detection system are run on devices or individual hosts within the network. A host IDS monitors the outbound and inbound packets from the system only and will alert the administrator or the user when any malicious traffic is detected.
A signature based IDS will check for packets within the network and compare them with the database signatures to verify whether they match any threat.
This is just the same way an anti virus works while detecting any malicious malware. The only problem is that there will be a lag between the time of detection and response. During lag period the IDS will not be able to detect the software.
BE SAFE
• Avoid giving personal information such as your address and phone number to someone you do not know.
• Avoid opening emails from unknown sources unless you do online marketing.
. Do not open attachments sent to you from unknown sources.
• Avoid online friendships with unknown persons of dubious character.
• Be careful who you meet in person who you've met online.
• Tell someone else about any bad Internet experiences you are having online especially if you are a child.