Intrusion Detection ?

General questions.
Post Reply
gh4wi
Posts: 15
Joined: March 29th, 2018, 3:20 pm

Intrusion Detection ?

Post by gh4wi » April 13th, 2019, 3:04 pm

I am wondering what should happen if the Intrusion Detection System detects an intrusion ?
Does it it just make an entry in the IDS Log ?
Is there a test that I can run to verify that it is working ?

SmithJ
Posts: 18
Joined: July 4th, 2019, 5:21 pm
Location: USA
Contact:

Re: Intrusion Detection ?

Post by SmithJ » October 31st, 2019, 3:36 pm

An intrusion detection system (IDS) monitors network devices in order to grant security administrators the ability to identify attacks in progress and take appropriate action to protect a network. In order for users on a network to access a web server on the internet, the firewall must allow traffic through port 80. However, this open port is often used as an attack vector for hackers and malware to gain access to your network. An IDS examines this traffic and compares it with known exploits; similar to how antivirus software uses known virus signatures to identify threats. When the intrusion system detects a match to a known exploit, it sends an alert to the security or web server administrator so they can take action. Intrusion prevention systems (IPS) are very similar to IDSs, but as opposed to just sending an alert, these systems go one step further and automatically take action to prevent an intrusion.

Post Reply