INTRUSION

Intrusion Prevention System

* Network-based

*Host-based

*Content-based

*Rate-based

Network-based

Host-based

Content-based

Rate-based

*Intrusion*

–An intrusion is  a deliberate unauthorized attempt, successful or not, to break into, access, manipulate, or misuse some valuable property and where the misuse may result into or render the property unreliable or unusable.

–The person who intrudes is an intruder. 

*There are six types of intrusions:

Attempted break-ins- which are detected by atypical behavior profiles or violations of security constraints. An intrusion detection system for this type is called anomaly-based IDS.

Masquerade attacks- which are detected by atypical behavior profiles or violations of security constraints. These intrusions are also detected using anomaly-based IDS.

Penetrations of the security control system- which are detected by monitoring for specific patterns of activity.

Leakage- which is detected by atypical use of system resources.

Denial of service- which is detected by atypical use of   system resources.

Malicious use- which is detected by atypical behavior profiles, violations of security constraints, or use of special privileges. 

Symptoms of intrusion

      Crackers are going to first look known weaknesses in the OS or any application you are using next they would start probing looking for holes, open ports, or forgotten back doors faults in your security posture that can quickly or easily be exploited.