Please enable JavaScript.
Coggle requires JavaScript to display documents.
General info about Intrusion Detection (Honeypot Deployment (As part of…
General info about Intrusion Detection
Examples of Intrusion
remote root compromise
web server damage
guessing / cracking passwords
copying / viewing sensitive data / databases
running a packet sniffer to obtain username/passwords
Honeypot Deployment
As part of the service network
As part of the internal network
Outside firewall
Snort
Architecture
Detection Engine(Rule-based analysis.)
Packet Decoder
Logger
Alerter
Rules
Header
action
protocol
source IP
source port
dest IP
dest port
Opetions
Intruder Types
Hackers
Criminals
Insiders
IPS
inline network or host-based IDS that can block traffic
functional addition IDS capabilities to firewalls