Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "IDS"

From NetSec
Jump to: navigation, search
m
(No difference)

Revision as of 15:49, 18 December 2010

Intrusion Detection Systems

IDS are used to detect attacks aimed at a network or host. See Also: IPS, NIDS, and HIDS.

Tools:

Cisco IDS NIDS 

 Cisco IDS - A network layer intrusion detection system based off of tcpdump with signature support.

Snort NIDS 

 Snort - A network layer intrusion detection system based off of libpcap with signature support and preprocessor support.

OSSEC HIDS 

 OSSEC - A host-based intrusion detection system that utilizies log analysis combined with integrity checksums and rootkit detection engines.

Samhain HIDS 

 Samhain - A file integrity checking application similar to OSSEC

Nepenthes HIDS 

 Nepenthes - A malware connection utility similar to HoneyD

HoneyD HIDS 

 HoneyD - A tool for collecting malware and tricking attackers into thinking they've performed a successful attack.
Retrieved from "http://nets.ec/index.php?title=IDS&oldid=1127"