Table of Contents
Advertisement
About Intrusion Detection
Bonk
RDS_Shell
WinNuke
See
"Keeping
current with
LiveUpdate"
on
page 95.
Guarding against intrusion attempts
Intrusion Detection scans all the network traffic that
enters and exits your computer and compares this
information against a set of attack signatures,
arrangements of information that identify an attacker's
attempt to exploit a known operating system or program
vulnerability.
If the information matches an attack signature, Intrusion
Detection automatically discards the packet and severs
the connection with the computer that sent the data. This
protects your computer from being affected in any way.
Intrusion Detection protects your computer against most
common Internet attacks, including the following.
An attack on the Microsoft TCP/IP stack that can crash the
attacked computer
A method of exploiting the Remote Data Services
component of the Microsoft Data Access Components that
lets a remote attacker run commands with system
privileges
An exploit that can use NetBIOS to crash older Windows
computers
Intrusion Detection does not scan for intrusions by
computers in your Trusted Zone. However, Intrusion
Detection does monitor the information that you send to
Trusted computers for signs of zombies and other remote
control attacks.
Intrusion Detection relies on an extensive list of attack
signatures to detect and block suspicious network
activity. Run LiveUpdate regularly to ensure that your
list of attack signatures is up to date.
About Intrusion Detection
117
Advertisement
Table of Contents
