

The phrase "sniff the network" may conjure Orwellian visions of a Big Brother network administrator reading people's private email messages. However, as a security professional, there are two important reasons to sniff network traffic. First, peering into the details of packets can prove invaluable when dissecting a network attack and designing countermeasures.

Anyone who uses a tool like Wireshark without first obtaining the necessary permissions may quickly find themselves in hot water legally. Before anyone uses Wireshark, an organization should ensure that it has a clearly defined privacy policy that spells out the rights of individuals using its network, grants permission to sniff traffic for security and troubleshooting issues, and states the organization's policy requirements for obtaining, analyzing and retaining network traffic dumps.

The thesis analyzes the ways in which an IDS (Intrusion Detection System) works. The basic aim of an Intrusion Detection System is to protect a computer network or system from unauthorized access or attacks. Different types of IDS are also compared and criticized in this thesis, which explores the vulnerability of the system. Different detection techniques for network-based IDS have been discussed. The study has been done on the operational procedures of the network-based open source IDS tool Snort. It is a lightweight network-based intrusion detection system, which reads every incoming/outgoing packet through a network and alerts the admin accordingly. To check every packet, Snort uses a central database system of signatures. Here in this paper a layered database system has been proposed to upgrade the system performance. An analytical operation has been carried out on the proposed solution and compared with the existing standard system. Future scope, further development, and pros and cons have also been discussed.
