Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > invades the examination > Content
Hot Articles
ForensicSIM Toolkit gets
Serv-U bounce attack and
To the Image File Execut
Based on CallStack count
To a some music website
How to use double WAN ro
pcshare official net exa
Security precious book m
Honey jar and honey net
The invasion examination
pcshare official net exa
Tomcat invasion examinat
Bypasses the CallStack f
Ten big invasion examina
The network invasion exa
Recommend Articles
Only opens 80 port's saf
Bypasses the web key wor
Bypasses the CallStack f
Security precious book m
Based on CallStack count
pcshare official net exa
SQL Server SA idle talk
Honey jar and honey net
The invasion examines th
Four next generation inv
An accidental invasion e
The invasion examines (I
How to use IDS to invade
The invasion examination
A winding safe examinati
New Articles
TEA guidelines for risk
Training for medical per
JSIC Security Forum 2001
SITO includes E-Learning
The rationale for choosi
Drink and drug driving c
BTEC is Tavcom Training
International trade issu
1 in 5 companies is unli
New compact PD-350 for F
sharp rise in prices of
Passfaces strong authent
T3i teams with Passfaces
Comodo Two Factor Authen
Comfortable two-factor a
The enterprise invades the examination system: Explains the IPS dense fog
  Add date: 07/16/2008   Publishing date: 07/16/2008   Hits: 5
Total 9 pages, Current page:1, Jump to page:
 
in 2005 the fall, a union investigation which carries on by the global many system software companies indicated that surpasses 66% enterprise users to believe that “the system seepage” will become the threat enterprise IT security most important prime culprit. The investigation had simultaneously disclosed present has most eight information security threat, has included: The virus, the system seepage, refuses to serve, in the net to abuse, the deceit, because the leaving job personnel create the data or the network lose, the non-authorized inter access.

Although 86% has been used the firewall by the surveyor, but in the majority situations these firewalls are unable to counter-attack the invasion behavior effectively. Because the common firewall is mainly uses for to defend the direct suspicious current capacity - for instance in the security policy authorization situation, rejects visitor telnet to a protection device on, or permits certain data streams through - like the Web server correspondence.

The present question is, security model in change: In more and more may pass through in firewall's current capacity, smuggles is attacking, namely faces the application the attack. The majority of firewall inspection's level mainly concentrates in transmits below the level, even if is the outstanding firewall also can only provide a small part of depth examination ability.

After the enterprise server has accepted these “the sugar-coated bullet”, the aggressor may this be a springboard, to enterprise in net transmission massive aggressive text. Once these people leave behind “rootkit” on the server, “back door” and so on back doors, then it may in any time, any place unlimited visit enterprise entire information system.

What awfully is, nearly all enterprises have suffered the attack from the interior the experience, although in many situations these “in the thief” did not know, looks like VPN, the wireless network, the notebook after all, may pass through the firewall visit Internet.

Certainly, has the user to use the IDS supervisory system security, and hoped that through guards against the invasion with the firewall linkage. However the premise is, only then, when the intruder uses 2800bps network speed invasion enterprise network time, IDS only then has the enough reaction time to dispatch other safety equipment coordination! The slow time pokes fundamentally is unable the disaster which prevents “Slammer”, “Blaster” and so on high speed reproduction to bring similarly.

In order to solve the above problem, selects the real-time online method the enterprise to invade the examination system (IPS) to be operational. The IPS original intention is aims at the enterprise to apply carries on the defense, because all current capacities must pass from IPS, had guaranteed the equipment adopts the defense the time. However brings the question is, the thorough package examination lets the human have regarding equipment's performance worried, when specially the protection option all opens, moreover IPS, once presents the misinformation, the immediate consequence is definitely bigger than IDS.

 
Other pages: : 1 * 2 * 3 * 4 * 5 * 6 * 7 * 8 * 9 * Next>>
Prev:A winding safe examination Next:Safe application: Using IDS security database

Comment:

Category: Home > invades the examination
Home