Introduction to Intrusion Detection Systems (IDS)

An intrusion detection system (IDS) monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases, the IDS can also respond to anomalous or malicious traffic by taking an action such as blocking the user or the source IP address from accessing the network.

IDS come in a variety of "flavors" and approach the goal of detecting suspicious traffic in different ways. There are network-based (NIDS) and host-based (HIDS) intrusion detection systems. There are IDS that detect by looking for specific signatures of known threats, similar to the way antivirus software detects and protects against malware, and there are IDS that detect by comparing traffic patterns against a baseline and looking for anomalies. There are IDS that simply monitor and alert, and there are IDS that perform an action or actions in response to a detected threat. We will cover each of these briefly.

NIDS

Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally, you would scan all inbound and outbound traffic, although doing so might create a bottleneck that impairs the speed of the network.

HIDS

Host Intrusion Detection Systems run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets of that device only and alerts the user or administrator when suspicious activity is detected.

Signature Based

A signature-based IDS monitors packets on the network and compares them against a database of signatures or attributes from known malicious threats. This is similar to the way most antivirus software detects malware. The issue is that there will be a lag between a new threat being discovered in the wild and the signature for detecting that threat being applied to your IDS. During that lag time, your IDS would be unable to detect the new threat.

Anomaly Based

An anomaly-based IDS monitors network traffic and compares it against an established baseline. The baseline identifies what is "normal" for that network (what sort of bandwidth is generally used, which protocols are used, which ports and devices generally connect to each other) and alerts the administrator or user when traffic is detected that is anomalous, or significantly different from the baseline.
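The two detection styles described above, run side by side as an added example (not code from the original article). The signature names, patterns, addresses and packets are all constructed for illustration; the third live packet shows the signature lag: it matches no signature, yet the baseline comparison still flags it.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst proto dport payload")

# Constructed signature database: byte patterns from already-known threats.
SIGNATURES = {
    "SIG-0001 known-worm-marker": b"WORM_MARKER_A",
    "SIG-0002 known-backdoor-hello": b"BKDR_HELLO",
}

def signature_alerts(pkt):
    """Return the names of all signatures whose pattern appears in the payload."""
    return [name for name, pat in SIGNATURES.items() if pat in pkt.payload]

def learn_baseline(packets):
    """Record what is 'normal': the set of flows seen during the learning period."""
    return {(p.src, p.dst, p.proto, p.dport) for p in packets}

def anomaly_alerts(pkt, baseline):
    """Alert when a flow was never seen while the baseline was being learned."""
    flow = (pkt.src, pkt.dst, pkt.proto, pkt.dport)
    return [] if flow in baseline else [f"ANOMALY new flow {flow}"]

# Constructed traffic observed while learning the baseline.
TRAINING = [
    Packet("10.0.0.5", "10.0.0.10", "tcp", 80, b"GET /index.html"),
    Packet("10.0.0.6", "10.0.0.10", "tcp", 80, b"GET /news"),
    Packet("10.0.0.5", "10.0.0.20", "tcp", 21, b"USER anonymous"),
]
BASELINE = learn_baseline(TRAINING)

def inspect(pkt):
    """Run both detectors and return every alert raised for this packet."""
    return signature_alerts(pkt) + anomaly_alerts(pkt, BASELINE)

# Constructed live traffic.
LIVE = [
    Packet("10.0.0.5", "10.0.0.10", "tcp", 80, b"GET /index.html"),      # normal
    Packet("10.0.0.6", "10.0.0.10", "tcp", 80, b"x WORM_MARKER_A x"),    # known threat
    Packet("10.0.0.6", "10.0.0.99", "tcp", 9999, b"NEW_THREAT_NO_SIG"),  # no signature yet
]

if __name__ == "__main__":
    for pkt in LIVE:
        print(pkt.src, "->", pkt.dst, pkt.dport, inspect(pkt) or "no alert")
```
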

Passive IDS

A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected, an alert is generated and sent to the administrator or user, and it is up to them to take action to block the activity or respond in some other way.

Reactive IDS

A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will also take pre-defined actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user.

One of the best-known and most widely used intrusion detection systems is the open source, freely available Snort. It is available for a number of platforms and operating systems, including both Linux and Windows. Snort has a large and loyal following, and there are many resources on the Internet where you can obtain signatures to implement in order to detect the latest threats. For other freeware intrusion detection applications, you can visit Free Intrusion Detection Software.

There is a fine line between a firewall and an IDS. There is also a technology called IPS, or Intrusion Prevention System. An IPS is essentially a firewall that combines network-level and application-level filtering with a reactive IDS to protect the network. It seems that as time goes on, firewalls, IDS and IPS take on more attributes from each other and blur the line even more.

Essentially, your firewall is your first line of defense. Best practices recommend that your firewall be explicitly configured to DENY all incoming traffic, and that you then open up holes where necessary. You may need to open port 80 to host websites or port 21 to host an FTP file server. Each of these holes may be necessary from one standpoint, but they also represent possible vectors for malicious traffic to enter your network rather than being blocked by the firewall.

That is where your IDS comes in. Whether you implement a NIDS across the entire network or a HIDS on your specific device, the IDS will monitor the inbound and outbound traffic and identify suspicious or malicious traffic that may have somehow bypassed your firewall, or that may be originating from inside your network.

An IDS can be a great tool for proactively monitoring and protecting your network from malicious activity; however, IDS are also prone to false alarms. With just about any IDS solution you implement, you will need to "tune it" once it is first installed. You need the IDS to be properly configured to recognize what is normal traffic on your network versus what might be malicious traffic, and you, or the administrators responsible for responding to IDS alerts, need to understand what the alerts mean and how to respond to them.
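What "tuning" trades off, shown as an added example (not from the original article). It assumes a simple detector that alerts when outbound volume exceeds the baseline mean by k standard deviations; the baseline, the live readings and their ground-truth labels are constructed. A sensitive setting buries the real event in false alarms, while an over-relaxed one misses it.

```python
from statistics import mean, stdev

# Constructed baseline: outbound kilobytes per minute during normal operation.
BASELINE_KB = [120, 135, 110, 128, 140, 125, 118, 132, 122, 130]

# Constructed live readings with ground truth: (kb_per_minute, really_malicious).
LIVE = [(126, False), (150, False), (160, False), (138, False), (900, True)]

def alert_limit(k):
    """Alert threshold: baseline mean plus k standard deviations."""
    return mean(BASELINE_KB) + k * stdev(BASELINE_KB)

def evaluate(readings, k):
    """Return (false_alarms, detected, missed) for sensitivity setting k."""
    limit = alert_limit(k)
    false_alarms = [kb for kb, bad in readings if kb > limit and not bad]
    detected = [kb for kb, bad in readings if kb > limit and bad]
    missed = [kb for kb, bad in readings if kb <= limit and bad]
    return false_alarms, detected, missed

if __name__ == "__main__":
    # k=1 is too sensitive, k=4 is tuned, k=100 is so relaxed it goes blind.
    for k in (1, 4, 100):
        fa, hit, miss = evaluate(LIVE, k)
        print(f"k={k:<3} limit={alert_limit(k):7.1f} "
              f"false alarms={fa} detected={hit} missed={miss}")
```
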