0 votes
in Computer Networks by (user.guest)

1 Answer

0 votes
by (user.guest)
Best answer

The statement, “The payload of TCP and UDP segments the signatures of the IDS’s and IPS’s are added” is True.

• To protect internal resources, information of an organization’s internal network from unauthorized users or attackers, the traffic entering into the network or leaving from the internal network must be checked for security.

• This checking will be accomplished by the signature based IDS (Intrusion Detection System) and IPS (Intrusion Prevention System).IDS (Intrusion Detection System) sensors are placed at the access router.

• The signature based IDS and IPS (Intrusion Prevention System) provides more protection than protection that a firewall provides.

• IDS and IPS deeply inspects not only the header fields but also the payloads of the TCP and UDP datagrams. IDS and IPS maintains a data base of signatures (signature is a part of a packet that is used previously to attack).

• When a packet enters the network, the IDS sensors will sniff the packet. If header fields or payload is matched with any signature in the database of signatures, then IDS sends alert messages so that the necessary action of protection or prevention can be taken either by the network administrator or the network management.

• Unlike IDS, IPS discards the packets instead of generating alerts, if attack is found.

• When a new attack is occurred, IDS updates it in the signatures data base with the new signature of the packet that used by attacker to attack recently.

Thus, to overcome the network attacks and provide more security, the IDS’s and IPS’s are inspected into the payloads of the TCP and UDP.

If you found this answer helpful, please upvote and share with other students in your network.

Related questions

Welcome to CPEN Talk
Solution-oriented students of computer engineering on one platform to get you that