Thread: FAQ: Intrusion Detection Systems

  1. #1
    Senior Member
    Join Date
    Feb 2002

    FAQ: Intrusion Detection Systems

    I was going to post this over in the IDS security forum but I thought it best suited here in the newbie section, as it offers a good overall (but basic) view of security and is not really (all) to do with IDS.

    link to source. http://www.securitysearch.net/articl...ction_FAQ.html

    some topics covered:

    What is an "intrusion detection system (IDS)"?

    What are hackers and crackers?

    What are whitehats and blackhats?

    How do intruders attack a system?

    * Software bugs.
    * System configuration.
    * Password cracking.
    * Sniffing unsecured traffic.
    * Design flaws.

    How do intruders get passwords?

    What is a typical intrusion scenario?

    What are some common "intrusion signatures"?

    What are some common exploits?

    * CGI scripts.
    * Web server attacks.
    * Web browser attacks.
    * Access.
    * IMAP.
    * IP spoofing.
    * Buffer Overflows.
    * DNS attacks.

    What are some common reconnaissance scans?

    * Ping sweeps.
    * TCP scans.
    * UDP scans.
    * OS identification.
    * Account scans.

    What are some common DoS (Denial of Service) attacks?

    * Ping-of-Death.
    * SYN Flood.
    * Land/Latierra.
    * WinNuke.

    Where can I find some Statistics on intrusions?

    How are intrusions detected?

    What are the main things to do to secure a Win NT/200/XP system?

    How do I collect enough evidence about the hacker?

    What is Snort?

    What intrusion detection systems are available?

    Why do I need IDS if I already have a firewall?

    What are the limitations of a network based IDS?

    What is a honeypot?

    1. What are the advantages of a honeypot?
    2. What are the disadvantages of a honeypot?

    What honeypot products are available?

    What are deception countermeasures?

    What are the legal implications of honeypots?

    Do honeypots constitute entrapment?

    Am I aiding and abetting a crime?

    Am I liable for attacks launched from the compromised honeypot?

  2. #2
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Thnx Sumdum,

    I was just searching for something like this about IDS.
    Good post.

    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby
