February 23, 2009
Mention some of the attacks by intruders in the network?
sathish asked:
1.Any Intrusion Detection Systems(IDS) that are available in the market now.If possible say some of the disadvantages of them.
2.where do IDS works- in local host network or outside ?
3.Any IEEE volumes that abstracts IDS and/or its problems/advantages?
Caffeinated Content
1.Any Intrusion Detection Systems(IDS) that are available in the market now.If possible say some of the disadvantages of them.
2.where do IDS works- in local host network or outside ?
3.Any IEEE volumes that abstracts IDS and/or its problems/advantages?
Caffeinated Content
Filed under Security by John
Comments on Mention some of the attacks by intruders in the network? »
Create a video blog…instantly.
Hi, please do your own research for the project you are working on. Nobody will help you if you post your questions like this and are too lazy to find out your own answers for your school project.
Kansieo.com
The industry standard is Snort.
snort.org
For newest rules that Snort is a bit slow to incorporate, see
bleeding snort.com
This presumes you have a basic understanding of unix/linux, and can setup your own box. IDS works at your border appliance, or if your network is large enough, strategically placed around the network.
However, you would probably be much better off with an IPS, (Intrusion Prevention System), with IDS alerting.
ISS.net Proventia line does a fantastic job at both.
With IDS, depending on the traffic volume you see, the rules that utilize PCRE can run a little slow, so some packets may get through undetected. But you would need a network which pumps a lot of traffic.