Disclosed are a system and method of sharing intrusion detection
information detected at different networks and tracking the intrusion, to
thereby defense against the intrusion on a network to which an intruder
belongs, and a computer-readable medium storing a program for
implementing the above method therein. The system detects an intrusion
through the analysis of an input packet, adds information associated with
the intrusion into the packet, creates an active packet and transmits the
active packet to an address of an intruder, which transmitted the packet.
Thereafter, the system tracks the intrusion, for all routes through which
the intruder passed based on the active packet, and filters the packet
associated with the intruder for the isolation thereof.