Discussion : A Network-Based Intrusion
Imagine you live by yourself on a quiet street. Each day, you leave your house in the morning and drive to work. One day while you are at work, someone breaks into your house by kicking in your front door. When you come home later, you can immediately see that someone has forcibly entered your house.
But what if the burglar had been more subtle and had picked the lock instead, re-locking the door before leaving? At first, you might not know you had been robbed.
But once you did, you might feel really uncomfortable with the idea that someone could enter your home without breaking a window or kicking in a door. For peace of mind, you probably would have an alarm system installed.
A network-based intrusion detection system (NIDS) is like a home's alarm system. Ideally, when someone breaks into a network that has an NIDS, an alarm is triggered. Like other important defensive tools, an NIDS is not infallible; a determined hacker always can find ways to defeat it and avoid detection.
To prepare, read the Discussion notes in the Unit 3 Notes, located in this unit's Learning Resources, and consider the following scenario:
Despite having a firewall and an NIDS, a company's systems have been hacked. Unfortunately, its network-based defensive tools did not detect the intrusion.
Evaluate the limitations of three network-based defensive tools. Based upon your evaluation, provide plausible explanations of how the hackers avoided detection.
In your posting, address the firewall and NIDS.