Identifying Common Attack Methods
Attackers use several well-known methods to attempt to breach networks. Actual attacks are constantly evolving. Although individual attacks will vary, they usually fall into one of the common attack methods discussed in this section.
Many organizations deploy Intrusion Detection Systems (IDSs) to detect and mitigate active attacks. At the very least, an IDS can detect and report the attack to administrators. IDSs that are more sophisticated can respond to attacks and take steps to protect the network environment and block the attack.
For example, an active IDS may detect an attack from a specific IP address and change the Access Control List (ACL) on a router to block all traffic from this computer.