摘要 |
PURPOSE: A network based intrusion detection system is provided to actively block and disturb the attempt of hacking irrespective of the configuration of a network when network intrusion such as hacking, service attack, and scanning is sensed. CONSTITUTION: A monitoring NIC(Network Interface Card) and response NIC(110) collects a packet of an analyzing object traffic from a network 1(200a), and transmits a packet for performing an SNA(Suspicious Network Activity) and a session kill to the network 1(200a). A monitoring NIC(120a) collects a packet of an analyzing object traffic from a network 2(200b), and a response NIC(120b) transmits a packet for performing an SNA and a session kill to the network 2(200b). A monitoring NIC(130a) collects a packet of an analyzing object traffic from a network 3(200c), and transmits a packet for performing the SNA and the session kill to the network 3(200c) through the response NIC(120b).
|