Network Intrusion Detection System

From Computing and Software Wiki

Revision as of 23:37, 23 March 2008 (view source) Khalats (Talk) ← Older edit		Revision as of 02:11, 24 March 2008 (view source) Khalats (Talk) Newer edit →
Line 12:		Line 12:
	- [[Detection]]: pattern/signature		- [[Detection]]: pattern/signature
-	- [[Alter]]:	+	- [[Alert]]:

---

Revision as of 02:11, 24 March 2008

Network Intrusion Detection Systems has 3 main concerns:

The typical function of a NIDS is based on a set of signatures (or rules), each describing one known intrusion threat. A NIDS examines network traffic and determines whether any signatures indicating intrusion attempts are matched. To detect such activity, NIDSes often need to inspect the payload of incoming packets for such signatures.

- Capture: data link layer packaging capture library

- Detection: pattern/signature

- Alert: