home sitemap contact locklogin

 

Intrusion Detection Systems are designed to alert system managers to potential trouble whether it is from an internal or external source. Commonly attackers make a tentative probe first, wait to see if it is detected and then home in on a subsequent attempt. IDS is an intelligent system that reads and interprets the contents of log files from routers, firewalls, servers and other network devices to identify the type of traffic on the network and network activity patterns. The IDS responds to alerts by raising an alarm, activating an automatic response action to limit potential damage and attempts to identify the intruder and correlate evidence of activity.

The main types of IDS:

  • Network-based - looks for attack signatures and monitor network backbones.
  • Host-based - defends and monitors the operating and file systems.
  • Application-based - monitors only specific applications.
  • Signature-based - looks for patterns in events specific to known attacks.
  • Anomaly-based - looks for anomalies in network activities that may indicate attacks.
  2007 @ Netflow All Right Reserved Designed By: NetiApps