Computer Intrusions are on the rise. Whether it's script kids trying to deface a web page or a calculated attacker trying to steal credit card information, sites must equip themselves to not only ward off attacks, but know if these attacks are taking place. This is where Intrusion Detection Systems (IDS) come into play. In a nutshell, an IDS is a system that sits on a network and watches for anomalies. A basic IDS watches either all of the traffic or a sampling of the traffic going through the wire. It compares this traffic to a database of fingerprints or signatures of known attacks. If an attack is detected the IDS can take multiple actions depending on the configurable response to the attack. These actions can be anything from paging the administrator to dropping the route of the attacker. More complex IDS's will also recognize anomalies in the patterns of system users.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
