Week 8
Network Intrusion Detection and Analysis – HIDS/HIPS is a host-based intrusion detection/prevention system, while NIDS/NIPS is a network-based intrusion detection/prevention system.
Modes of Detection:
- Signature Based Analysis
- Protocol Analysis
- Behavioral Analysis
Functionality:
- IDSs are rule-based
- They issue alerts
- They are configured to capture suspicious packet sequences
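The three detection modes and the rule-and-alert behaviour listed above can be seen side by side in a small sketch. This is an added example, not code from Snort or any other tool named in these notes; the packet records, the signature, the HTTP check and the port threshold are all constructed assumptions.

```python
# Constructed sample traffic (not a real capture): one record per packet.
PACKETS = [
    {"src": "10.0.0.5", "dport": 80, "proto": "http",
     "payload": b"GET /index.html HTTP/1.1\r\n"},
    {"src": "10.0.0.9", "dport": 80, "proto": "http",
     "payload": b"GET /../../etc/passwd HTTP/1.1\r\n"},
    {"src": "10.0.0.7", "dport": 80, "proto": "http",
     "payload": b"\x00\x01binary-not-http"},
] + [{"src": "10.0.0.66", "dport": p, "proto": "tcp", "payload": b""}
     for p in range(20, 32)]

# Hypothetical rule set: byte pattern -> alert message.
SIGNATURES = {b"/etc/passwd": "sensitive file path in request"}
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")
PORT_THRESHOLD = 10  # assumed baseline: distinct ports one source may touch

def signature_alerts(packets):
    """Signature-based: alert when a known byte pattern is in the payload."""
    return [(p["src"], "signature", msg)
            for p in packets
            for pattern, msg in SIGNATURES.items() if pattern in p["payload"]]

def protocol_alerts(packets):
    """Protocol analysis: traffic labelled HTTP must have a valid request line."""
    alerts = []
    for p in packets:
        if p["proto"] != "http":
            continue
        line = p["payload"].split(b"\r\n", 1)[0]
        if not (line.startswith(HTTP_METHODS) and b" HTTP/1." in line):
            alerts.append((p["src"], "protocol", "malformed HTTP request line"))
    return alerts

def behavioral_alerts(packets):
    """Behavioral: alert on a source that deviates from the port baseline."""
    ports = {}
    for p in packets:
        ports.setdefault(p["src"], set()).add(p["dport"])
    return [(src, "behavioral", f"{len(seen)} distinct ports contacted")
            for src, seen in ports.items() if len(seen) > PORT_THRESHOLD]

def analyze(packets):
    """Run all three modes and return the combined alert list."""
    return (signature_alerts(packets) + protocol_alerts(packets)
            + behavioral_alerts(packets))

if __name__ == "__main__":
    for alert in analyze(PACKETS):
        print(alert)
```

Each mode catches something the others miss: the traversal request is valid HTTP, the binary payload matches no signature, and the scan carries no payload at all.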
There are two types of IDS: commercial (Extreme point NIPS and TippingPoint IPS) and open source (NIDS – Snort & Sagan; HIDS – AIDE & Samhain).