intrusion signature Last modified: Monday, April 21, 2003
Recorded evidence of a system intrusion, typically as part of an intrusion detection system (IDS). When a malicious attack is launched against a system, the attack typically leaves evidence of the intrusion in the system’s logs. Each intrusion leaves a kind of footprint behind (e.g., unauthorized software executions, failed logins, misuse of administrative privileges, file and directory access) that administrators can document and use to prevent the same attacks in the future. By keeping tables of intrusion signatures and instructing devices in the IDS to look for the intrusion signatures, a system’s security is strengthened against malicious attacks. Because each signature is different, it is possible for system administrators to determine by looking at the intrusion signature what the intrusion was, how and when it was perpetrated, and even how skilled the intruder is.
•E-mail this definition to a colleague• For internet.com pages about intrusion signature . Also check out the following links! eSecurity Planet  A resource for daily information on e-security targeted to IT managers. The site provides users with information from a variety of sources, including experts at security product and services firms, and the consultants who follow the security industry.	Network Management Security firewall hacker intrusion detection system script kiddie Give Us Your Feedback Shopping intrusion signature Products Compare Products,Prices and Stores Shop by Category: Software 31 Store Offers Firewalls 6 Model Matches