Advanced Digital Forensic Investigations, Essay Example

Pages: 3

Words: 863

Essay

IDS/IPS Practices

Security is an essential factor in every aspect of life; it touches every activity, process, procedure, technology, method and decision. In information technology, security likewise has a significant impact on every process or procedure related to the exchange, acquisition, transfer or maintenance of information. In the information age, manual processes have been transformed into digital form, and digitized information is handled by security technologies. The traditional device for information security is the firewall. Organizations that hold information in digitized form must install a firewall; otherwise it is impossible to secure the digital information located in their information systems. Previously the firewall was the answer for security, but in the information age, where information is spread across millions of systems worldwide and is reached through interfaces that users must access, a single firewall cannot serve as an all-in-one solution for information security.

Moreover, threats are far more significant and intelligent than before. Hackers develop threats that are efficient at bypassing firewalls and compromising networks, and consequently intrusion detection systems, host-based and network-based, were introduced. These security appliances provide advanced monitoring and sensing facilities that may raise an alert before an incident takes place. A complete and comprehensive definition of an IDS is available in the network dictionary, which says “set up to detect illegal actions within the host. Most IDS programs typically use signatures of known cracker attempts to signal an alert. Others look for deviations of the normal routine as indications of an attack. Intrusion detection is very tricky. Too much analysis can add excessive overhead and also trigger false alarm

Activities

To cope with the configuration aspects, network engineers or users have to follow set criteria. Likewise, to monitor internal or external events that may lead to the identification of threats, procedural steps must be considered for effective monitoring. However, these steps can be duplicated (Paquet, n.d.):

  • Procedures for denying inline attacker: an inline attacker refers to a threat that may come from a wireless source and try to intrude into the system at a particular time. The procedure also demonstrates the processes that are triggered to remove the threat from the network in case of a compromise. Moreover, the likelihood of inbound and outbound attacks helps the network engineer identify the methods, technology and algorithms that the creator integrated into the threat.
  • Procedures for denying inline connection: this procedure provides the Transmission Control Protocol (TCP) stream for both the inbound and outbound channels of data transmission. The provision of these streams at the application layer indicates an attack that is using one of them, and network engineers then terminate the relevant stream.
  • Procedures for denying packet inline: network engineers can set a criterion stated as ‘any data packet that originates from a wireless stream will be terminated if any anomaly is detected against it’. Therefore, any data packet from a wireless network that behaves abnormally will be terminated or destroyed.
  • Procedures for log attacker packets: to detect suspicious packets, logs must be maintained and alerts generated according to the defined criteria.
  • Procedures for log pair packets alignment: apart from the above procedure, network engineers can also log entries against the source and the affected workstation or system.
  • Procedures for block connection request: after analyzing all the procedures, the IDS instructs the firewall to block a suspicious data stream that has already been evaluated and identified.
  • Procedures for blocking host: this procedure is similar to the one above, except that it blocks the access of the host, if identified, instead of blocking a data stream.
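The procedures above differ mainly in how much traffic each one affects after a single alert. The sketch below is an added example, not part of the original essay or of any vendor's code: the `Sensor` class, the action labels (modelled on the list above), the addresses and the traffic are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    suspicious: bool = False  # verdict from a hypothetical detection engine

@dataclass
class Sensor:
    action: str  # label modelled on one of the procedures listed above
    denied_hosts: set = field(default_factory=set)
    denied_flows: set = field(default_factory=set)
    log_hosts: set = field(default_factory=set)
    log_pairs: set = field(default_factory=set)
    logged: list = field(default_factory=list)
    firewall_requests: list = field(default_factory=list)

    def handle(self, p: Packet) -> str:
        flow = (p.src, p.sport, p.dst, p.dport)
        if p.suspicious:  # alert fired: the action decides the scope of the response
            if self.action == "deny-attacker-inline":
                self.denied_hosts.add(p.src)          # everything from this source
            elif self.action == "deny-connection-inline":
                self.denied_flows.add(flow)           # only this TCP stream
            elif self.action == "log-attacker-packets":
                self.log_hosts.add(p.src)             # log by source address
            elif self.action == "log-pair-packets":
                self.log_pairs.add((p.src, p.dst))    # log source/victim pair
            elif self.action == "request-block-connection":
                self.firewall_requests.append(("block-flow", flow))
            elif self.action == "request-block-host":
                self.firewall_requests.append(("block-host", p.src))
        if p.src in self.log_hosts or (p.src, p.dst) in self.log_pairs:
            self.logged.append(p)
        drop = (p.src in self.denied_hosts or flow in self.denied_flows
                or (p.suspicious and self.action == "deny-packet-inline"))
        return "drop" if drop else "forward"

# Constructed traffic (documentation address ranges); only the first packet alerts.
A, B, S, T = "192.0.2.10", "192.0.2.20", "198.51.100.5", "198.51.100.9"
TRAFFIC = [Packet(A, 40000, S, 80, suspicious=True), Packet(A, 40000, S, 80),
           Packet(A, 40001, S, 80), Packet(B, 50000, S, 80), Packet(A, 40002, T, 22)]

def run(action: str):
    sensor = Sensor(action)
    return [sensor.handle(p) for p in TRAFFIC], sensor
```

Calling `run("deny-connection-inline")` drops only the alerting stream, while `run("deny-attacker-inline")` also drops the same source's later connections; the two block-request actions forward traffic at the sensor and leave enforcement to the firewall.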

Snort

Snort allows network engineers to build the foundation of a tracing mechanism within the network that organizes raw data packet collection from all interfaces. ‘Libpcap’ provides a preprocessing mechanism that is located in the decoder of a data packet (Kumar, Bhaskari, Avadhani, & Kumar, 2010). The preprocessor makes these data packets suitable for applying rules (packet defragmentation), for the detection engine, and for examining headers to generate alerts related to any suspicious activity originating from a wireless network source.

Only those protocol rules are applied that are currently being used by a hacker, and the detection engine acts on the basis of the criteria defined for a specific rule. Furthermore, the collection engine in Snort organizes information from the source, which acts as an input for digital forensic investigations (Kumar, Bhaskari, Avadhani, & Kumar, 2010).
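The order of the stages described above (decode, defragment, apply protocol-specific rules, record evidence) can be shown with a small model. This is an added example, not Snort's code or rule syntax and not from the original essay: the fragment tuples, the rule dictionary, the `sid` value and the content string are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed, already-decoded fragments:
# (src, ip_id, proto, byte_offset, more_fragments, payload)
FRAGS = [
    ("192.0.2.10", 7, "tcp", 0, True, b"GET /?q=TESTSIG-"),
    ("192.0.2.10", 7, "tcp", 16, False, b"0001 HTTP/1.1"),
    ("192.0.2.20", 9, "udp", 0, False, b"TESTSIG-0001"),
]
# Constructed rule: matches only TCP payloads containing the test string.
RULES = [{"sid": 1000001, "proto": "tcp", "content": b"TESTSIG-0001"}]

def defragment(frags):
    """Preprocessor stage: rebuild a payload only when it is complete and gap-free."""
    groups = defaultdict(list)
    for src, ip_id, proto, off, more, data in frags:
        groups[(src, ip_id, proto)].append((off, more, data))
    packets = []
    for (src, _ip_id, proto), parts in groups.items():
        parts.sort(key=lambda part: part[0])
        expected, payload = 0, b""
        for off, _more, data in parts:
            if off != expected:
                break  # hole or overlap: do not guess at the missing bytes
            payload += data
            expected += len(data)
        else:
            if not parts[-1][1]:  # final fragment seen (more_fragments clear)
                packets.append({"src": src, "proto": proto, "payload": payload})
    return packets

def detect(packets, rules):
    """Detection stage: apply only the rules for the packet's protocol."""
    alerts = []
    for pkt in packets:
        for rule in rules:
            if rule["proto"] == pkt["proto"] and rule["content"] in pkt["payload"]:
                alerts.append({
                    "sid": rule["sid"],
                    "src": pkt["src"],
                    # digest kept with the alert so the evidence can be verified later
                    "sha256": hashlib.sha256(pkt["payload"]).hexdigest(),
                })
    return alerts

if __name__ == "__main__":
    print(detect(defragment(FRAGS), RULES))
```

The rule fires once, on the reassembled TCP payload; the UDP datagram carrying the same bytes is ignored because no UDP rule is loaded, and evaluating the rule against the individual fragments produces no alert, which is why the preprocessor runs before the detection engine.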

Windump

This tool is used to identify any malware that may reside on any workstation or server within the network. Moreover, it identifies unknown broadcasting that may occur when active malware tries to send confidential information to the hacker. The tool also shows the IP addresses that are translated from the information retrieved from packet headers. However, there is a limitation: Windump only provides information that is associated with secure socket layer (SSL).

References

Ids. (2011). Computer Desktop Encyclopedia, 1.

Paquet, C. (n.d.). Implementing Cisco IOS network security (IINS): (CCNA security exam 640-553) (authorized self-study guide). Cisco Press.

Kumar, T. P., Bhaskari, L., Avadhani, P., & Kumar, P. V. (2010). Digital evidence collection in cyber forensics using Snort. Proceedings of the International Conference on Information Warfare & Security, 216-222.
