Like what you see? Get it in one document for easy printing! |
Click Here! Use coupon code "certiguide" to save 20%! (Expires 2004/12/31) |
|
Test yourself better with 300 extra Security+ questions! |
Get It Here! |
|
|
3.4.1.1 Active Detection
NIDS are increasingly focusing on
active detection. This does not refer to how the NIDS detects potential
problems, as you might expect. Instead it refers to how the NIDS responds
to the situation once it is detected. (Sorry folks, this is the industry
standard terminology. We didnt create it.) With active detection,
the NIDS takes some action to mitigate the detected threat. Such
options can include:
- Reconfigure a firewall or router to route traffic
around a problem such as a DoS attack
- Break suspicious network connections
- Send a message to a host-based agent to shut
down a vulnerable service on a particular host
- Attempt to collect more information about the
intrusion
Active NIDS
With Active Detection, a NIDS actively attempts to perform damage control on a detected intrusion attempt.
Actions taken as part of active detection can include reconfiguring a router to route around a network problem like a DoS attack, breaking suspicious network connections, shutting down services to minimize vulnerability, or collecting more information about the intrusion. |
If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support! |
|
|
Home -
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.
|