The ABCs of IDSs (Intrusion Detection Systems)
Source: Messageq.com - Posted by Chris Pallack   
Intrusion Detection The basic function of an IDS is to record signs of intruders at work inside and to give alerts. Depending on the product, how it is deployed and its network configuration, an IDS may only scan for attacks coming from outside . . . The basic function of an IDS is to record signs of intruders at work inside and to give alerts. Depending on the product, how it is deployed and its network configuration, an IDS may only scan for attacks coming from outside one's network or it may also monitor activities inside the network.

Some also look for anomaly intrusions. This requires an IDS that can be extensively configured by the user to match the peculiarities of the network to be defended. When Susie the systems administrator is at work at 2 a.m., this may be her normal behavior. But when Artie the administrative assistant logs on to his workstation at 2 a.m., that is most likely an anomaly. An IDS that detects anomalies must be scripted to tell the difference between the two log-ons.

Read this full article at Messageq.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!