Intrusion Detection Software

View previous topic View next topic Go down

Intrusion Detection Software

Post by jamied_uk on 12th October 2015, 00:37

There are two types of Network IDS: Signature detection and Anomaly Detection.

In a signature-based IDS, there are rules or patterns of known malicious traffic that it is looking for. Once a match to a signature is found it generates an alert. These alerts can turn up issues such as malware, scanning activity, attacks against servers and much more.

With anomaly-based IDS, the payload of the traffic is far less important than the activity that generated it. An anomaly-based IDS tool relies on baselines rather than signatures. It will look for unusual activity that deviates from statistical averages of previous activities or activity that has been previously unseen. Perhaps a server is sending out more HTTP activity than usual or a new host has been seen inside your DMZ.

Download Snort & Winpcap & Active IDS https://app.box.com/s/n8on40mcrox9zzytcyrovgsa2tys5n88


http://www.ossec.net/

https://www.alienvault.com/blogs/security-essentials/open-source-intrusion-detection-tools-a-quick-overview

http://sectools.org/tag/ids/

http://www.windowsecurity.com/software/Intrusion-Detection/


Then there's Active IDS which Denies Access To Would Be Hackers

https://cyberarms.net/features/key-features.aspx
avatar
jamied_uk
Admin

Posts : 2260
Join date : 2010-05-09
Age : 34
Location : UK

http://address-shortner.co.uk

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum