Gourt > Computers > Security > Intrusion Detection Systems (4)
An Intrusion Detection System (or IDS) generally detects unwanted manipulations to systems. There are a lot of different types of IDS, some of them are described here. The manipulations may take the form of attacks by skilled malicious hackers, or script kiddies using automated tools.
An Intrusion Detection System is required to detect all types of malicious network traffic and computer usage that can't be detected by a conventional firewall. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms).
An IDS is composed of several components: Sensors which generate security events, a Console to monitor events and alerts and control the sensors, and a central Engine that records events logged by the sensors in a database and uses a system of rules to generate alerts from security events received. There are several ways to categorise an IDS depending on the type and location of the sensors and the methodology used by the engine to generate alerts. In many simple IDS implementations all three components are combined in a single device or appliance.
More on [ Intrusion-detection system ]
Firewalls :: Security
Security Scanners :: Products and Tools
Perot Systems is Hiring: Intrusion Detection Systems Specialis... (Plano, TX) http://bit.ly/4orowA #Jobs #TweetMyJOBS
tmj_dfw_it (TMJ - DFW IT Jobs) Sun, 20 Dec 2009 11:19:34 -0000
Perot Systems is Hiring: Intrusion Detection Systems Specialis... (Plano, TX) http://bit.ly/4orowA #Jobs #TweetMyJOBS
Intrusion Detection effektiv!: Modellierung und Analyse von Angriffsmustern (X.systems.press⦠http://goo.gl/fb/vqnX
fooshare (fooShare Community) Wed, 16 Dec 2009 19:47:55 -0000
Intrusion Detection effektiv!: Modellierung und Analyse von Angriffsmustern (X.systems.press… http://goo.gl/fb/vqnX
RT @FocusExperts: The Essential Guide to Intrusion Detection and Prevention Systems http://focus.com/c/Gy/ #in
johnsalvatierra (John Salvatierra) Tue, 15 Dec 2009 12:30:35 -0000
RT @FocusExperts: The Essential Guide to Intrusion Detection and Prevention Systems http://focus.com/c/Gy/ #in
The Essential Guide to Intrusion Detection and Prevention Systems http://focus.com/c/Gy/
FocusExperts (Focus) Mon, 14 Dec 2009 20:26:31 -0000
The Essential Guide to Intrusion Detection and Prevention Systems http://focus.com/c/Gy/
SecurityFocus - Intrusion detection focus area; designed to assist discussion on security related topics, and provides a comprehensive database of security knowledge and resources. It also hosts the BUGTRAQ mailing list.
Meta Description: [ SecurityFocus is designed to facilitate discussion on computer security related topics, create computer security awareness, and to provide the Internet's largest and most comprehensive database of computer security knowledge and resources to the public. It also hosts the BUGTRAQ mailing list. ]
COAST Intrusion Detection Hostlist - Clearinghouse listing of many of the Internet resources associated with intrusion detection and prevention systems. Includes inventories of commercial products, research projects, and other IDS-centric material.
Deepnines Technologies - Network security solution designed for deployment immediately outside the perimeter. Product suite integrates firewall, intrusion prevention, secure content management, and forensics reporting.
DShield - Distributed Intrusion Detection System. Submit your own firewall log excerpts or browse through current activity reported to the system. Features a list of the most wanted abusive IP addresses.
Meta Description: [ Distributed Intrusion Detection System. Submit your firewall log excerpts or browse through current activity reported to the system. Featuring a list of 10 Most Wanted IP Addresses ]
Internet Storm Center - Operated by the SANS Institute, the ISC provides a user-supported infrastructure for intrusion detection systems to share information about ongoing attacks that span countries, networks, and administrative boundaries.
Meta Description: [ SANS Internet Storm Center - A Cooperative cyber threat monitor and alert system. Featuring daily handler diaries with
summarizing and analyzing new threats and events. ]
500
Intrusion Detection System Resources - Comprehensive collection of tutorials, product reviews, general information and other resources dealing with Intrusion Detection and Prevention Systems.
Meta Description: [ Features a wealth of tutorials on various Windows networking related topics such as setting up Windows NT/XP/2000/2003 networks, troubleshooting, connectivity and more. Also includes a comprehensive archive of reviewed networking software. ]
Linux Security IDS - An excellent source of IDS-related information, including security best practices, audit procedures, penetration testing, community information and more.
404
LinuxSecurity IDS Resources - Comprehensive collection of IDS-related resources made available by the linuxsecurity.com community.
Michael Sobirey's IDS Page - An excellent index of most currently available IDS and IPS products, including vendor contact information.
NetWitness - Network monitoring tool that helps identify inappropriate use of network resources using live traffic analysis or output from other IDS systems.
Meta Description: [ Instantly Determine the Intent, Scope and Magnitude of Network Threats with NetWitness Forensic Analysis Software ]
Privacyware Intrusion Prevention and Detection - Extends the capabilities of conventional security systems to help manage threats more efficiently and effectively. Includes a wide array of intrusion detection and analysis tools for Windows servers.
Meta Description: [ Personal Firewall, Intrusion Prevention, Advanced Threat Prevention and Security Intelligence Solutions - Privacyware ]
404
Security Library - Collection of detailed technical papers on focusing on TCP networks, Intrusion Detection Systems, firewall protection and more.
500
Security Resources for Windows Network Administrators - Provides books, articles, software and other information on penetration testing and other security issues. Geared toward Windows NT/2000/XP Network Administrators.
Talisker Security Wizardry - Large index of computer security resources, including a glossary of Intrusion Detection and Prevention systems.
| How to Detect Rootkits on a Computer or Laptop by Britec | |
| Next Video | |
