Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "HIDS"
From NetSec
WillieArce (Talk | contribs) m |
MargeryLeddy (Talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | <b>H</b>ost-based <b>I</b>ntrusion <b>D</b>etection <b>S</b>ystem | + | A <b>H</b>ost-based <b>I</b>ntrusion <b>D</b>etection <b>S</b>ystem (HIDS) focuses on performing several intrusion detection mechanisms in a single [[host]] or computer, ensuring the integrity of it by searching for malicious or anomalous activity. It's an agent that monitors and reports on the system status, its stored information, and application activity. Some common features of HIDS systems include log analysis, real-time alerting, event correlation, integrity checking, policy enforcement, and rootkit detection. |
| + | |||
| + | |||
| + | == External Links == | ||
| + | * http://www.sans.org/security-resources/idfaq/what_is_hips.php | ||
| + | * http://www.ossec.net/ | ||
| + | * http://en.wikipedia.org/wiki/Host-based_intrusion_detection_system | ||
| + | |||
[[Category:Countermeasures]] | [[Category:Countermeasures]] | ||
Revision as of 08:18, 19 September 2011
A Host-based Intrusion Detection System (HIDS) focuses on performing several intrusion detection mechanisms in a single host or computer, ensuring the integrity of it by searching for malicious or anomalous activity. It's an agent that monitors and reports on the system status, its stored information, and application activity. Some common features of HIDS systems include log analysis, real-time alerting, event correlation, integrity checking, policy enforcement, and rootkit detection.
