Intrusion detection technology analysis
  Add date: 10/08/2008   Publishing date: 10/08/2008
Origin: http://blog.yesky.com/Blog/redhorse/
The "China Internet Development Statistical Report" issued by CNNIC shows that China already has tens of millions of Internet users. As a result, more and more companies are moving their core business onto the Internet, and Internet services have become another growth point for today's IT industry, but network security has become a problem that cannot be avoided. As knowledge of computer networks spreads, attackers are growing in number and becoming more skilled, and attack tools and techniques are becoming more complex and varied. A firewall-only strategy can no longer meet the needs of highly security-sensitive departments; network defense must adopt a layered, diverse approach. The network environment is also becoming more complex: all kinds of complex equipment, and systems that constantly need upgrading and patching, keep increasing the network administrator's workload, and a moment of carelessness can create a serious security risk. Intrusion detection systems have therefore become a new hot spot in the security market; they are not only receiving more and more attention but have also begun to play a key role in a variety of environments.
  Intrusion detection system (IDS)
  Because the intrusion detection market has developed rapidly in recent years, many companies have invested in this field. Companies such as Internet Security Systems (ISS), Cisco, and Symantec have launched their own products.
  System composition
  The IETF divides an intrusion detection system into four modules: event generators, event analyzers, response units, and event databases.
  The event generator obtains events from the whole computing environment and provides them to the other parts of the system. The event analyzer analyzes the data it receives and produces an analysis result. The response unit is the functional unit that reacts to the analysis result: it may respond strongly, for example by cutting off a connection or changing file attributes, or it may simply raise a warning. The event database is the general term for the place where the various intermediate and final data are stored; it may be a complex database or a simple text file.
System classification
  According to the object being monitored, intrusion detection systems can be divided into host-based and network-based types.
  Host-based monitoring. A host-based intrusion detection system uses system logs, application logs, and similar records as its data source; it can also collect information from the host by other means (for example, by monitoring system calls) and analyze it. A host-based intrusion detection system generally protects the system on which it resides. Such a system usually runs on the monitored system and observes whether the processes running on it are legitimate. Recently a new kind of ID (intrusion detection) has appeared: it sits in the operating system kernel and observes the system's lowest-level behavior. All of these systems are now available on many platforms.
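The following Python sketch is an added example, not part of the original article. It wires the four modules described under "System composition" into a small host-based detector that reads system log lines, as the host-based paragraph above describes. The log lines, the failed-login rule, the threshold of 3, and all function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample sshd log lines (illustrative, not from the article).
SAMPLE_LOG = """\
Oct  8 10:00:01 host1 sshd[411]: Failed password for root from 203.0.113.7 port 4022 ssh2
Oct  8 10:00:03 host1 sshd[411]: Failed password for root from 203.0.113.7 port 4023 ssh2
Oct  8 10:00:04 host1 sshd[412]: Accepted password for alice from 198.51.100.5 port 5100 ssh2
Oct  8 10:00:06 host1 sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 4024 ssh2
Oct  8 10:00:09 host1 sshd[413]: Failed password for bob from 198.51.100.9 port 6001 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+)")

def event_generator(log_text):
    """Event generator: turn raw host log lines into structured events."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            yield m.groupdict()

def event_analyzer(events, threshold=3):
    """Event analyzer: report each source once it reaches `threshold` failures."""
    failures = defaultdict(int)
    findings = []
    for ev in events:
        if ev["result"] == "Failed":
            failures[ev["src"]] += 1
            if failures[ev["src"]] == threshold:
                findings.append({"src": ev["src"], "rule": "repeated-login-failure"})
    return findings

def response_unit(finding, severe=False):
    """Response unit: choose a simple warning or a strong response.
    The action is only recorded here; a real unit would carry it out."""
    return {**finding, "action": "block-connection" if severe else "alert"}

def run_ids(log_text, database):
    """Run all modules; `database` (a list) plays the event database."""
    events = list(event_generator(log_text))
    database.extend(events)                 # intermediate data
    responses = [response_unit(f) for f in event_analyzer(events)]
    database.extend(responses)              # final data
    return responses
```
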

 