Intrusion prevention system

System to prevent unauthorised access to a system or network

Intrusion prevention systems are similar to intrusion detection systems, monitoring network boundaries or individual host systems for anomalous or unauthorised activity, but they also have the ability to block such activity once it has been identified.

In network-based intrusion prevention systems (NIPS), any data packets massing through the network boundary that are identified as potentially harmful are simply dropped. NIPS systems can analyse the content of data packets for unwanted types of data, the use of protocols for irregular or manipulative activity, and also the rate of data, watching for spikes in traffic which may indicate a mass attack or DDoS. The system can take a holistic view of the network and so may be able to spot possible infections leaking data from within the network.

At the host level (HIPS), a complex array of system monitors analyse the behaviour of processes as well as network traffic to spot behaviours contravening the system's rules, and block any unwanted activity. At this level a greater degree of inspection is possible inside data which is encrypted at the network level.

Poll

Do you use the same password(s) across multiple websites?
I use the same password for all sites
I have a number of passwords but use the same for some sites
I use a different password for each site
I don't sign up to any sites that require a password

Leave a comment
View 4 comments
Jobs Career Sidebar

Malware Prevalence

Agent |#######################|
OnlineGames |#################|
Kryptik |#############|
Heuristic/generic |#####|
Heuristic/generic |#####|
 View this month's full report
Virus Bulletin currently has 190,965 registered users.