Difference between revisions of "HIDS"

From NetSec
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
<b>H</b>ost-based <b>I</b>ntrusion <b>D</b>etection <b>S</b>ystem
+
A <b>H</b>ost-based <b>I</b>ntrusion <b>D</b>etection <b>S</b>ystem (HIDS) focuses on performing several intrusion detection mechanisms in a single [[host]] or computer, ensuring the integrity of it by searching for malicious or anomalous activity. It's an agent that monitors and reports on the system status, its stored information, and application activity. Some common features of HIDS systems include log analysis, real-time alerting, event correlation, integrity checking, policy enforcement, and rootkit detection.
[[Category:Countermeasures]]
+
 
 +
* OSSEC
 +
* Tripwire
 +
* Verisys
 +
 
 +
 
 +
== External Links ==
 +
* http://www.sans.org/security-resources/idfaq/what_is_hips.php
 +
* http://www.ossec.net/
 +
* http://en.wikipedia.org/wiki/Host-based_intrusion_detection_system
 +
 
 +
{{expand}}{{countermeasures}}
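
Review bot: the added bullet list (OSSEC, Tripwire, Verisys) has no sentence introducing it, so a reader cannot tell whether these are HIDS products, vendors or related tools; add a one-line lead-in before the first bullet. The first entry under External Links has the path what_is_hips.php while the article defines HIDS, so confirm that is the intended reference or label it as covering HIPS. In the opening sentence, "ensuring the integrity of it" would read better as "ensuring its integrity".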

Latest revision as of 19:38, 7 August 2012

A Host-based Intrusion Detection System (HIDS) runs several intrusion detection mechanisms on a single host or computer, ensuring its integrity by searching for malicious or anomalous activity. It is an agent that monitors and reports on the system status, its stored information, and application activity. Common HIDS features include log analysis, real-time alerting, event correlation, integrity checking, policy enforcement, and rootkit detection.

  • OSSEC
  • Tripwire
  • Verisys


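External Links

  • http://www.sans.org/security-resources/idfaq/what_is_hips.php
  • http://www.ossec.net/
  • http://en.wikipedia.org/wiki/Host-based_intrusion_detection_system
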
HIDS is part of a series on countermeasures.