This is a post which i stared learning recently so sharing my little knowledge so intrusion detection system (IDS) is basically used for monitoring the network, it detects intruders; that is, unexpected, unwanted or unauthorized people or programs on network.
What is Intrusion Detection System?

An intrusion detection system has a number of sensors that is used to detect unwanted or unexpected flow of network traffic, the major sensors as follows:

  • A sensor monitor log files

  • A sensor monitor TCP ingoing or outgoing connections

    How Intrusion Detection System Works?

    Intrusion detection system works by collecting information and then examining it.IDS collects data from it sensors and analyze this data to give notice to the system administrator about malicious activity on the network.

  • An intrusion detection system can be run manually but most IT administrators find it easier to automate the system checks to ensure that nothing is accidentally overlooked.

  • We can mainly categorize an IDS into two type:

    1. NIDS (Network Intrusion Detection Systems).
    2. HIDS (Host Intrusion Detection Systems)

    There is still a question, why we use IDS if there is firewall to perform these tasks, Firewall is used to stop unwanted traffic from entering or leaving the internal enterprise network, where as the IDS is deployed to monitor traffic in vital segments in the network, generating alerts when an intrusion is detected.

    A firewall has got holes to let things through, without it you wouldn't be able to access the Internet or send or receive emails, there are different ways to bypass or cheat a firewall.

    Snort is an excellent open source Network Intrusion Detection System, OSSEC is an Open Source Host-based Intrusion Detection System.

    Below is an an overview of the basic architecture as well as practical examples of how to customize Open Source Host-based Intrusion Detection System to manage logging from your infrastructure and applications.

    Video On Intrusion Detection System

    I will be coming up with next tutorial on it soon ...
  • Post a Comment

    Feel Free To Ask Your Query we Love To Answer