0 evaluări0% au considerat acest document util (0 voturi)
18 vizualizări3 pagini
NIDS Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. În mod ideal, ar trebui scanat tot traficul de intrare si de iesire, insa acest lucru ar putea crea un blocaj care ar putea afecta viteza de ansamblu a retelei. HIDS host Intrusion Warning Systems are run on individual hosts or devices in the network. A HIDS monitorizes the in
NIDS Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. În mod ideal, ar trebui scanat tot traficul de intrare si de iesire, insa acest lucru ar putea crea un blocaj care ar putea afecta viteza de ansamblu a retelei. HIDS host Intrusion Warning Systems are run on individual hosts or devices in the network. A HIDS monitorizes the in
NIDS Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. În mod ideal, ar trebui scanat tot traficul de intrare si de iesire, insa acest lucru ar putea crea un blocaj care ar putea afecta viteza de ansamblu a retelei. HIDS host Intrusion Warning Systems are run on individual hosts or devices in the network. A HIDS monitorizes the in
Network Intrusion Detection Systems are placed at a strategic point or points
within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic, however doing so might create a bottleneck that would impair the overall speed of the network.
NIDS Sistemele de detectare a intruziunilor bazate pe retea sunt plasate intr-un punct strategic, sau in puncte in cadrul retelei in scopul monitorizarii traficului catre si de la toate dispozitivele din retea. n mod ideal, ar trebui scanat tot traficul de intrare i de ieire, ns acest lucru ar putea crea un blocaj care ar putea afecta viteza de ansamblu a reelei. HIDS Host Intrusion Detection Systems are run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator of suspicious activity is detected
HIDS Sistemele de detectare a intruziunilor bazate pe host ruleaza pe gazed individuale sau dispositive din retea. Un HIDS monitorizeaza pachetele de intrare si de iesire numai din dispozitiv si va alerta userul sau administratorul de activitate suspecta detectata. Signature Based A signature based IDS will monitor packets on the network and compare them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware. The issue is that there will be a lag between a new threat being discovered in the wild and the signature for detecting that threat being applied to your IDS. During that lag time your IDS would be unable to detect the new threat. Sisteme de detectare a intruziunilor bazate pe signature UN SIDS va monitoriza pachetele dintr-o retea si le va compara cu o baza de date ce cuprinde signaturi sau atribute ale amenintarilor malware. Acest mod de actiune este similar cu cel prin care sistemele software antivirus detecteaza amenintarile malware. Dificultatea este data de intarzierea dintre o amenintare noua si signatura pentru a detecta ce trebuie aplicat in cadrul IDS-ului. In timpul intarzierii IDS-ul nu va putea detecta noile amenintari. Anomaly Based An IDS which is anomaly based will monitor network traffic and compare it against an established baseline. The baseline will identify what is normal for that network- what sort of bandwidth is generally used, what protocols are used, what ports and devices generally connect to each other- and alert the administrator or user when traffic is detected which is anomalous, or significantly different, than the baseline. Sisteme de detectare a intruziunilor bazate pe anomalii Un IDS bazat pe anomalii va monitoriza traficul din retea si il va compara cu linia de baza stabilita. Linia de baza va identifica ce este normal pentru retea ce latime de banda este folosita in general, ce protocoale sunt folosite, ce porturi si dispozitive se conecteaza intre ele- si alerteaza administratorul sau userul cand se detecteaza un traffic anormal, sau diferit in mod significant in comaparatie cu linia de baza. Passive IDS A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected an alert is generated and sent to the administrator or user and it is up to them to take action to block the activity or respond in some way.
IDS passive doar detecteaza si alerteaza. Cand se detecteaza traffic suspicios sau cu amenintarri, se genereaza o alerta care este trimisa administratorului sau userului, apoi depinde de ei sa blocheze activitatea sau sa raspunda alertei intr-un anume fel. Reactive IDS A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user.
IDS reactive Un IDS reactive nu numai ca va detecta traficul suspicios sau cu amenintari, dar va actiona in mod proactive predefinit pentru a raspunde atacurilor. In general asta inseamna blocarea pe viitor a traficului din retea de la adresa IP a sursei sau utilizatorului.