When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?