Managed Intrusion Detection Services (IDS)
Conexim offers managed intrusion detection services (IDS) protection as a part of a comprehensive suite of management and security services.
An Intrusion Detection System (or IDS) is used to detect malicious or unwanted network traffic and computer usage. It differs from a firewall in that
a firewalls primary objective is prevention, whereas an IDS detects intrusions that have taken place and raises an alert. This is done by inspecting
inbound and outbound network traffic and identifying suspicious patterns of activity as the signature of an attack or intrusion. In addition to
raising an alert, an IDS is also capable of being reactive, terminating the suspicious behavior or adding/modifying firewall rules to block the
suspected malicious activity.
Two common types of IDS are network-based and host-based systems. They differ in that network-based IDS monitor network traffic by analysing
individual packets traveling through the network. Host-based IDS is most often a software package residing on the host which concentrates solely on
monitoring all activity on the host itself.
Network-based intrusion detection systems (NIDS) detect activity such as hacking attempts, port scans, and denial of service (DoS) attacks. By
monitoring all inbound and outbound network traffic on a packet by packet basis, suspicious patterns of activity can be identified, setting off the
alarm of a possible hacking attempt.
Host-based intrusion detection systems (HIDS) focus solely on the host, monitoring the internals of the system. By analysing the behavior of the
systems programs and resources it can determine if any activity breaches the security policy or operating systems rules, which is then identified as
malicious actions and the alarm triggered. Additionally, it protects against hacking attempts which originate internally to the network.
Recent security alerts
Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
Adobe Reader and Acrobat JBIG2 Filter Unspecified Memory Corruption Vulnerability
Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
Adobe Reader and Acrobat JBIG 'Halftone Region' Remote Heap Buffer Overflow Vulnerability
Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
Adobe Reader and Acrobat TrueType Font Handling Memory Corruption Vulnerability
Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
Adobe Reader and Acrobat JBIG 'Pattern Dictionary' Remote Heap Buffer Overflow Vulnerability
|