IT390 Unit 4 Topic 2:
An additional layer of protection that supplements firewalls, antivirus programs, and network-
based intrusion prevention systems (NIPS) is called a host-based intrusion prevention system
(HIPS). Attacks that other security layers were unable to detect, see, or halt are stopped by HIPS.
The five stages to an internet attack are:
1)
Probe
2)
Penetrate
3)
Persist
4)
Propagate
5)
Paralyze
Probe:
Probing entails looking for weaknesses in the network as the first step. Sweeping probes, or
network or port scans, require a properly set firewall to be protected against. Highly automated
probes are the equivalent of intelligence collection for hackers. What software is installed on
your network? What software vulnerabilities do you have? Which is the simplest method to join
your network? Typical probing tools include ping addresses and methodical guesses about
passwords and mail users.
Paralyze:
Permanent harm is caused at the paralysis stage. Users face widespread denial of service (DoS),
computers break, and the system becomes rife with security flaws. Data can also be altered,
deleted, or transferred to an attacker. The best defense is a well-managed network, continuously
monitored and shielded by several security layers.
References
Secureworks. (2011, June 28).
HIPS Are Crucial When Hackers Sidestep Your Firewall
. IF
HACKERS SIDESTEP YOUR FRONT DOOR, WHO’S WATCHING YOUR BACK?
https://www.secureworks.com/blog/why-hips
