3.1.9 IDS (Intrusion Detection System)
An Intrusion Detection System (IDS) is a system for detecting attempts to break into or misuse a system or network.290 It is, in effect, a burglar alarm for your network.
As with firewalls, they may be implemented as a dedicated piece of special-purpose hardware, or a software package running on a network computer. What kind of activities can intrusion detection systems identify? It varies with the particular IDS, but can include detection of network scans (in which an attacker is sending traffic to your network to map it, or find systems with known vulnerabilities), spoofing attempts and common script kiddie attacks such as denial of service attacks, attempts to connect to unsupported services, and receipt of network communication packets that violate standards.
290. Network Intrusion Detection Systems FAQ, http://www.robertgraham.com/pubs/network-intrusion-detection.html#1.1, Version 0.8.3, March 21, 2000.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.