Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "NIDS"

From NetSec
Jump to: navigation, search
(Snort)
 
(16 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
NIDS are an [[IDS]] that monitor all traffic to and from all network devices. It will read incoming [[Packet|packets]] looking for suspicious patterns. Popular NIDs such as [[snort]] and [[Cisco IDS]] are used often-times in conjunction with a [[firewall]] to form an [[IPS]].  Also commonly used to send information to a [[SIM]] or [[SIM|SIMS]]
 
NIDS are an [[IDS]] that monitor all traffic to and from all network devices. It will read incoming [[Packet|packets]] looking for suspicious patterns. Popular NIDs such as [[snort]] and [[Cisco IDS]] are used often-times in conjunction with a [[firewall]] to form an [[IPS]].  Also commonly used to send information to a [[SIM]] or [[SIM|SIMS]]
  
==Snort==
+
{{countermeasures}}
 
+
Snort is a packet sniffer and intrusion detection system that can be used to add a layer of surveillance to your system. In this way, it is similar to tcpdump, but with some more advanced rule-setting capabilities for detecting certain forms of packets. Snort is one of the most widely used IDSes under Linux, and a port exists for the Windows [[Operating System]].
+
 
+
 
+
[[Category:Countermeasures]][[Category:Information]]
+

Latest revision as of 03:44, 16 May 2012

Network layer Intrusion Detection Systems

NIDS are an IDS that monitor all traffic to and from all network devices. It will read incoming packets looking for suspicious patterns. Popular NIDs such as snort and Cisco IDS are used often-times in conjunction with a firewall to form an IPS. Also commonly used to send information to a SIM or SIMS

NIDS is part of a series on countermeasures.