Nids
“Network intrusion detection system (NIDS) is an independent platform that identifies intrusions by examining network traffic and monitors multiple hosts. Network intrusion detection systems gain access to network traffic by connecting to a network router, network switch configured for port mirroring, or network tap.”
Akhila Isuranga
44172
Content
1. Overview 1.1 What is Internet Security? 1.2 Intruder
2. Network intrusion detection system (NIDS) 2.1Signature base detection 2.2 Anomaly detection base
3. Architecture of NIDS 3.1Component of NIDS 3.2 Sensor placement in NIDS
4. Traffic controlling of a network
5. DMZ – Demilitarized zone.
6. Snort 6.1 What’s snort? 6.2 Architecture of Snort 6.3 Rules content 6.4 Snort download and installation 6.5 Snort configuration 6.6 Traffic capturing
7. Vulnerabilities and Attacks vs. NIDS
8. Capabilities of NIDS monitoring:
9. Disadvantages of NIDS
10. References
1. Overview
1.1 What is Internet Security?
In today’s environment we need to contact each other through networks. Most of the devices or networks are interconnect to other devices or networks. As a result of this connection you are able to share your files, documents, etc. but when you are sharing you need to connect to a network and to the internet. When you connect to the internet you are taking a risk, cause your sharing files or documents may visible to others or intruders can steel your important files without a leaving a single mark. As a result of this Internet Security was introduced to protect your system from intruders.
1.2 Intruder
Intruder is a person who is trying to connect to your network without your prior permission. There are two types of intruders. * Insider – insider is the most dangerous type of intruder. This person is who has a permission to enter your network. Most insiders are trying to mischief or steel your files. It
Akhila Isuranga
44172
Content
1. Overview 1.1 What is Internet Security? 1.2 Intruder
2. Network intrusion detection system (NIDS) 2.1Signature base detection 2.2 Anomaly detection base
3. Architecture of NIDS 3.1Component of NIDS 3.2 Sensor placement in NIDS
4. Traffic controlling of a network
5. DMZ – Demilitarized zone.
6. Snort 6.1 What’s snort? 6.2 Architecture of Snort 6.3 Rules content 6.4 Snort download and installation 6.5 Snort configuration 6.6 Traffic capturing
7. Vulnerabilities and Attacks vs. NIDS
8. Capabilities of NIDS monitoring:
9. Disadvantages of NIDS
10. References
1. Overview
1.1 What is Internet Security?
In today’s environment we need to contact each other through networks. Most of the devices or networks are interconnect to other devices or networks. As a result of this connection you are able to share your files, documents, etc. but when you are sharing you need to connect to a network and to the internet. When you connect to the internet you are taking a risk, cause your sharing files or documents may visible to others or intruders can steel your important files without a leaving a single mark. As a result of this Internet Security was introduced to protect your system from intruders.
1.2 Intruder
Intruder is a person who is trying to connect to your network without your prior permission. There are two types of intruders. * Insider – insider is the most dangerous type of intruder. This person is who has a permission to enter your network. Most insiders are trying to mischief or steel your files. It