02233

Netværkssikkerhed
Network Security

• Introduktion
• Nessus Scan
• Nessus Questions
• Snort Questions
  • Question 1
  • Question 2
  • Question 3
  • Question 4
  • Question 5
  • Question 6
  • Question 7
  • Question 8
  • Question 9
  • Question 10
  • Question 11
  • Question 12
  • Question 13
  • Question 14
  • Question 15
  • Question 16
  • Question 17
  • Question 18
• References

Question 12

Would you suggest IDS and IPS in an enterprise Intranet?
Why/why not?

We'll suggest it. Snort can be of help detecting and mitigating in at least the following cases

• One security risk often overlooked is the internal hacker / industrial spy. Snort can help in detecting anormalous traffic pointing to activities of this kind
• Detecting the deployment of un-authorized wireless access-points and modems
• Detecting and confining computers that have been compromised by viruses and trojans
• Detecting mobile computers

Bjarne D Mathiesen

Michael Pantridge

Thabet Al-Assdi

Chang Jensen