intrusion signature
intrusion signature
—————————————————————————————————————————–
Recorded evidence of a system intrusion, typically as part of an intrusion detection system (IDS). When a malicious attack is launched against a system, the attack typically leaves evidence of the intrusion in the system’s logs. Each intrusion leaves a kind of footprint behind (e.g., unauthorized software executions, failed logins, misuse of administrative privileges, file and directory access) that administrators can document and use to prevent the same attacks in the future. By keeping tables of intrusion signatures and instructing devices in the IDS to look for the intrusion signatures, a system’s security is strengthened against malicious attacks.
Because each signature is different, it is possible for system administrators to determine by looking at the intrusion signature what the intrusion was, how and when it was perpetrated, and even how skilled the intruder is.
Total viewed: 13 views
Post rating:
(No Ratings Yet)
Loading ...Possibly related posts: (automatically generated)
- Intrusion Detection System
- Intrusion Prevention System
- FTP & Intrusion Detection System
- What are targeted attacks?
- Internet Connection Firewall
- Logic bomb
- Chatting under attack
- IM worm
- Greyware
- TCP SYN attack
Thank you for reading this post. You can now Leave A Comment (0) or Leave A Trackback.
Post Info
This entry was posted on Sunday, January 20th, 2008 and is filed under Internet.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: Science Joke »
Next Post: Rowan Atkinson (Mr. Bean’s) House »
