
Anomaly based security


I have been living on a guarded estate for almost two months now and I've noticed one thing — the guards try to be invisible to the people who live there. In fact, nobody checks whether people walking into the buildings are actually entitled to do so. Provided they look and behave like legitimate residents or guests, everything is all right. Otherwise security would react. At least I like to think that, seeing someone running away with a TV, they would do something.

This security approach works as an anomaly detector. Legitimate activity is not affected at all, but any suspicious or obviously malicious behavior raises an alarm.

So, whether you rob an apartment on a guarded estate or try to slip through an IPS or an IDS in a corporate network, what you need to do is to pretend to be a legitimate person (be it a resident or a user) for as long as you can. In other words, let yourself, your activities, traffic that you generate and whatnot blend into the background. It's as easy as that.

Oh, and kids, don't do this at home.


© 2006-2007 Michał Sobiegraj. All rights reserved. The views expressed here are my own, and not necessarily endorsed by any former or current employer.

About

This page contains a single entry from the blog posted on October 24, 2006 11:48 PM.
