Wednesday, October 24, 2012


Types of Intrusion Detection System


An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious packets that may indicate an attack. Its goal is to identify and monitor for evidence of attacks.

There are three main types of IDS:

Network Intrusion Detection System (NIDS)


A Network Intrusion Detection System monitors the traffic travelling to or from different devices on the network (via a network hub, a network switch configured for port monitoring, etc.).

Host Based Intrusion Detection System (HIDS)


A HIDS consists of software set up on the host that has to be monitored. The software uses the system's log files or auditing agents (covering binaries, password files, capability databases, access control lists, etc.) as its sources of data.
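A minimal sketch of the host-based approach described above, added here as an illustration and not part of the original post: it baselines a set of monitored files and reports content, permission and ownership changes. The function names, the stand-in `passwd` and `login` files and their contents are constructed for the example.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(paths):
    """Record SHA-256, permission bits and owner for each monitored file."""
    state = {}
    for path in paths:
        try:
            st = os.stat(path)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            state[path] = (digest, stat.S_IMODE(st.st_mode), st.st_uid)
        except OSError:
            state[path] = None  # missing or unreadable is itself a finding
    return state

def compare(baseline, current):
    """Return sorted (path, finding) pairs for each deviation from the baseline."""
    labels = ("content changed", "mode changed", "owner changed")
    findings = []
    for path, old in baseline.items():
        new = current.get(path)
        if new is None and old is not None:
            findings.append((path, "missing"))
        elif old is None and new is not None:
            findings.append((path, "appeared"))
        elif old is not None:
            findings += [(path, lab) for lab, a, b in zip(labels, old, new) if a != b]
    return sorted(findings)

def write(path, data, mode):
    """Helper for the demo: create a file with given content and mode."""
    with open(path, "wb") as fh:
        fh.write(data)
    os.chmod(path, mode)

def demo():
    """Constructed sample: stand-ins for a password file and a binary."""
    with tempfile.TemporaryDirectory() as d:
        passwd, binary = os.path.join(d, "passwd"), os.path.join(d, "login")
        write(passwd, b"alice:x:1000:1000\n", 0o644)
        write(binary, b"constructed-binary-v1", 0o755)
        baseline = snapshot([passwd, binary])
        write(passwd, b"alice:x:1000:1000\nbob:x:1001:1001\n", 0o644)
        os.chmod(binary, 0o777)  # permissions loosened after the baseline
        found = compare(baseline, snapshot([passwd, binary]))
        return [(os.path.basename(p), f) for p, f in found]
```

Calling `demo()` returns the findings for the two constructed files; in practice the baseline would be stored somewhere the monitored host cannot modify.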

Stack Based Intrusion Detection System (SIDS)


Every packet is examined as it goes through the TCP/IP stack; therefore, the IDS does not need to work with the network interface in promiscuous mode. This makes its implementation dependent on the operating system that is being used.
