Intrusion and Prevention Essay

1.0AbstractThe wide spread proliferation of Internet Technology has guide to the incorporation of Computer in each and e very field of life. From program line to Business, Information Technology has now become an indispensable element in our life. Computers have reached homes, offices, schools and even churches . The wide spread use of computers is accompanied by an exponential growth in e-crimes ,in which unscrupulous elements try to gain gravel to others computers to steal valuable tuition like identification card numbers , personal identification codes etc. Owing to this the festering and deployment of ripe infringement detection systems that bottom of the inning detect and thwart much(prenominal) malicious attempts becomes highly important.2.0 Intrusion Detection Systems(IDS)In order to sentry go a computer from being intruded by malicious code, System/vane Administrators deploy Intrusion Detection Systems .These systems atomic number 18 nothing but softw be system a pplications that monitor the inbound Internet packets for malicious or susceptible natural process at law and alert the Administrator whenever such an activity is detected. They often respond to such intrusions by either blocking the source computer from accessing the hosted computer or by restricting the actions of source computer on destination. There are mevery types of IDS software available in the market and they differ in the port they detect the suspicious activity. Examples of IDS include Shadows, raspberry, Dragon, RealSecure and NetProwler.3.0 fowl IDSThere are m both products available in the market for intrusion detection, out of these Snort gains a unique market proposition because of its free download accessibility and its at par performance in its field with any other commercial product. Snort is an Open source IDS Software which was in the first place designed for UNIX platform, but now is available for Windows establish systems also. It provides basic inter locking monitoring purpose and also can also be put together for rule based IDS functionality.4.0 Functionalities of SnortSnort can be installed very easily on any Windows or UNIX based system with the encourage of its friendly graphical user friendly interface. It is a Nedeucerk bases Intrusion Detection System (NIDS) that can be apply in two orders, sniffer and faller mode. In basic sniffer mode it just reports what is happening on the system console, while in the logger mode, it can log the electronic network traffic details in the log file directory. Both sniffer and logger modes are passive and just give system decision maker an information about the network traffic without actually taking any action to prevent the intrusion. However it can be used in IDS mode to be able to act upon certain rules, pre-defined by system administrator to prevent intrusion.Snort is open sourced and comes with a well-developed API that can be used to add new functionalities to the IDS.The on ly pit-fall of Snort IDS is that, it does not have node support and a user has to rely on self-help books and internet forums for any troubleshooting and problems. However its download comes with a very elaborate documentation. Also any(prenominal) of the functionalities that are their in its UNIX version might be missing in its Windows version.5.0 EvaluationSnort is the most widely used IDS software with more(prenominal) than 225,000 registered users. It provides user with features like signature detection, protocol inspection and anomaly based detection. Its open source nature makes it the most favored IDS system by developers .They are constantly in pursuit to add new and sophisticated functionality to existing systems. There is lot of literature available about Snort due to its wide reach and influence on user community.It can be used to detect all kind of intrusions ranging from buffer overflows, CGI attacks, SMB probes, OS fingerprinting attempts to stealth port scans. From its initially light weight mutation that was used only to log the intrusion attempts to the current sophisticated and richly developed IDS edition, Snort has truly come a long way to provide user with an inexpensive, sophisticated and cutting edge technology that could firm their systems from malicious attacks from unscrupulous elements.