If my computer pointer starts moving by itself then I will at once pull out the network cable (LAN) or phone line from my PC as it is the point through which any external source can enter my PC. Port 3389 is a remote desktop connection port in windows which is usually opened in many computers on network. (Denning, 1990) A hacker can exploit it using a remote desktop connection and could send malicious threats or Trojans to gain access to the computer from this port. Removing my PC from the network will help isolate it and stop transferring the threat or virus to other Computers on the network.
A well define thought and planning is necessary before installing an Intrusion Detection System (IDS) on a network. Besides technical issues and product selection another serious factor are the resource issues that includes manning the sensor feeds, product expenses and infrastructure support that must also be kept in mind.
After the computer has been isolated the next step would be to detect and remove the threat using the appropriate Intrusion Detection Systems. Updated versions of spy ware and Antivirus software will be installed on the PC if the current versions could not detect the threat. ...Show more