Abstract: A network intrusion detection strategy based on MIB-Ⅱ is proposed. It solves the security problems of SNMPv1 and SNMPv2, and avoids using SNMPv3 that is complicated and only partly supported by manufacturers. SNMPv1 is adopted in the proposed strategy because it is widely supported by manufacturers. By analyzing the data from MIB-Ⅱ, the security of network can be monitored from the data link layer, network layer, transport layer and application layer of TCP/IP protocols. Experimental results show that the proposed strategy can detect network intrusion in time and fit into the security management of small and medium sized networks.