Intrusion Detection Software

Go down

Intrusion Detection Software Empty Intrusion Detection Software

Post by jamied_uk on 12th October 2015, 00:37

There are two types of Network IDS: Signature detection and Anomaly Detection.

In a signature-based IDS, there are rules or patterns of known malicious traffic that it is looking for. Once a match to a signature is found it generates an alert. These alerts can turn up issues such as malware, scanning activity, attacks against servers and much more.

With anomaly-based IDS, the payload of the traffic is far less important than the activity that generated it. An anomaly-based IDS tool relies on baselines rather than signatures. It will look for unusual activity that deviates from statistical averages of previous activities or activity that has been previously unseen. Perhaps a server is sending out more HTTP activity than usual or a new host has been seen inside your DMZ.

Download Snort & Winpcap & Active IDS

Then there's Active IDS which Denies Access To Would Be Hackers

Posts : 2471
Join date : 2010-05-09
Age : 36
Location : UK

Back to top Go down

Back to top

Permissions in this forum:
You cannot reply to topics in this forum