3. INTRODUCTION
In cybersecurity, an intrusion occurs when an unauthorized
entity manages to enter your network or host.
That entity can be a threat actor deliberately infiltrating a
system with harmful intentions. For example, it might be:
• A malicious hacker doing network reconnaissance or
a [DDoS attack].
• A non-malicious but unauthorized entity that entered
the system unintentionally.
An IDS helps prevent both undesirable cases.
5. DEFINITION:
An IDS is an indispensable part of network security. It is
introduced as a system for detecting intrusions that
attempt to compromise the main security goals,
confidentiality, integrity, and availability of a resource.
6. HOW DOES AN IDS WORK?
• An IDS monitors the traffic on a computer network to detect
any suspicious activity.
• It analyzes the data flowing through the network to look for
patterns and signs of abnormal behavior.
• The IDS compares the network activity to a set of
predefined rules or to the normal baseline to identify any
activity that might indicate an attack or intrusion.
• If the IDS detects something that matches one of these
rules or deviates from the normal baseline, it sends an alert
to the system administrator.
• The system administrator can then investigate the alert and
take action to prevent any damage or further intrusion.
8. DIFFERENT TYPES OF IDS:
Network-Based IDS (NIDS)
Choose a point on your network and examine all traffic on all devices
from that point.
Host-Based IDS (HIDS)
Examine traffic to and from independent devices within your network,
and leave all other devices alone.
Protocol-based IDS (PIDS)
Monitors the protocol-layer traffic that devices use to
communicate with each other.
Application Protocol-based IDS (APIDS)
monitors application layer traffic that is used by applications to
communicate with each other.
Hybrid IDS
Combine some of the approaches listed above into a system
made just for you.
9. BENEFITS OF IDS:
• Detects several threats and alerts your security staff, who can take
appropriate action.
• Detects DDoS Attacks.
• Helps Meet Regulatory Compliance Requirements.
• Detects Network Reconnaissance.
• Provides insights.
• Improves network performance
11. DETECTION METHOD:
Pattern or signature-based intrusion detection
looks for network traffic or file patterns and compares them with
similar threat-related patterns in their database. The IDS generates
an alert once it finds a match (potential threat).
Anomaly-based intrusion detection
employs ML technology to monitor network traffic and compare it
against an established baseline to determine what is considered
normal for the network concerning bandwidth, protocols, ports
and other devices.
Policy-based detection
the IDS compares traffic or files against pre-configured security
policies, much like a firewall. Once the IDS finds that certain traffic
violates the policy, it generates an alert.
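The three detection methods above, run side by side over the same flow records. This is an added example, not part of the original slides; the event fields, the signature, the port policy and the baseline values are all constructed, and a simple z-score against the baseline stands in for the ML model the slide mentions.

```python
import re
from statistics import mean, stdev

# Constructed sample flows (assumption: one dict per observed connection).
EVENTS = [
    {"src": "192.0.2.5", "dport": 80, "bytes": 1200, "payload": "GET /index.html"},
    {"src": "192.0.2.7", "dport": 80, "bytes": 900, "payload": "GET /../../etc/passwd"},
    {"src": "192.0.2.8", "dport": 23, "bytes": 1010, "payload": "login"},
    {"src": "192.0.2.9", "dport": 443, "bytes": 950000, "payload": ""},
]

# Signature database: rule name -> pattern known to indicate a threat.
SIGNATURES = {"path-traversal": re.compile(r"\.\./")}
# Pre-configured policy: only these destination ports are permitted.
ALLOWED_PORTS = {22, 80, 443}
# Baseline of bytes per flow recorded during normal operation (constructed).
BASELINE_BYTES = [1000, 1100, 950, 1200, 1050, 980, 1150, 1020]


def signature_alerts(event):
    """Signature-based: alert when the payload matches a stored pattern."""
    return [f"signature:{name}" for name, pattern in SIGNATURES.items()
            if pattern.search(event["payload"])]


def policy_alerts(event):
    """Policy-based: alert when the flow violates the configured policy."""
    if event["dport"] in ALLOWED_PORTS:
        return []
    return [f"policy:port-{event['dport']}-not-allowed"]


def anomaly_alerts(event, baseline=BASELINE_BYTES, threshold=3.0):
    """Anomaly-based: alert when flow size deviates far from the baseline."""
    z_score = (event["bytes"] - mean(baseline)) / stdev(baseline)
    return ["anomaly:flow-size"] if abs(z_score) > threshold else []


def inspect(event):
    """Run every detection method and return the combined alert list."""
    return signature_alerts(event) + policy_alerts(event) + anomaly_alerts(event)


if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["src"], inspect(ev) or "no alert")
```

Each method catches a flow the other two miss, which is why deployed IDSs usually combine them.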
14. Sensors / Agents
collect data from network or host sources and send it to the analyzer
for analysis.
Management Server
collects data from sensors and agents, correlates and analyzes it,
and centralizes the management of multiple IDS sensors.
Analyzers
process the data captured by sensors and apply various detection
techniques to identify potential threats or anomalies.
Database Server
stores the event data recorded by IDS sensors and agents, as well
as the IDS's configuration data and the results of the analyzer's
analysis.
User Interface / IDS Console
provides a graphical or command-line interface for administrators to
configure, manage, and view the results of IDS operations.
Alerting and Response Mechanisms
generate alerts or trigger response actions when IDS detects
suspicious or malicious activities.
17. NMAP AND METASPLOITABLE FRAMEWORK
Nmap allows you to scan your network and discover not only everything
connected to it, but also a wide variety of information about what's
connected, what services each host is operating, and so on.
Now we should scan the target machine in Kali Linux using Nmap.
-sV : This is a service version scan.
-p- : Scans all ports.
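How an IDS can recognize the reconnaissance that an all-ports scan such as -p- produces: one source touching many distinct destination ports on one host within a short window. This is an added example, not part of the original slides; the connection tuple format, the window, the threshold and the sample traffic are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict, deque


def detect_port_scans(conns, window=10.0, port_threshold=100):
    """Flag (src, dst) pairs that reach port_threshold distinct destination
    ports within `window` seconds. `conns` is an iterable of
    (timestamp, src_ip, dst_ip, dst_port) tuples sorted by timestamp."""
    state = defaultdict(lambda: (deque(), Counter()))
    flagged = set()
    for ts, src, dst, port in conns:
        queue, ports = state[(src, dst)]
        queue.append((ts, port))
        ports[port] += 1
        # Slide the window: forget connections older than `window` seconds.
        while ts - queue[0][0] > window:
            _, old_port = queue.popleft()
            ports[old_port] -= 1
            if ports[old_port] == 0:
                del ports[old_port]
        if len(ports) >= port_threshold:
            flagged.add((src, dst))
    return sorted(flagged)


def sample_connections():
    """Constructed traffic: a fast scanner, a normal web client, a slow scanner."""
    target = "192.0.2.20"
    fast = [(i * 0.01, "192.0.2.10", target, p) for i, p in enumerate(range(1, 501))]
    web = [(i * 0.5, "192.0.2.30", target, 80 if i % 2 else 443) for i in range(40)]
    slow = [(i * 5.0, "192.0.2.40", target, 1000 + i) for i in range(120)]
    return sorted(fast + web + slow)


if __name__ == "__main__":
    print(detect_port_scans(sample_connections()))
```

With the default 10-second window the slow scanner stays under the threshold, so a second rule with a much longer window is needed to catch low-and-slow reconnaissance.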
18. VSFTPD OPEN PORT
I'll start with the first open port (port 21 vsftpd).
With this command, we are searching for the service of the first open port that we've found.
19. VSFTPD OPEN PORT
I found one excellent module to exploit this port, which is module “1”.
So I will write the “use 1” command.
We should only specify RHOST, which is the IP of our target machine.
Now we are ready to exploit the Metasploitable.
20. VSFTPD OPEN PORT
And BAM!!!
You can now run any command you want or do malicious things to
the target machine.