• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 16. Guarding Your System Against Hacking > What Is Intrusion Detection?

What Is Intrusion Detection?

An intrusion detection system (IDS) is an additional protection measure to firewalls, virus scanners, and encryption that helps ward off computer intrusions. IDS systems can be software and hardware devices used to detect an attack. Attacks can take many forms, as we have discussed. You can be attacked through applications such as Netscape, Internet Explorer, Eudora, or Microsoft Outlook. You can be attacked via the operating system, regardless of whether it is Unix-, Windows-, or Mac-based. You also can be attacked via the network through denial-of-service (DoS) attacks or attacks against protocols.

IDS products are used to monitor your connection to try to determine whether someone is launching an attack against you. Everything from a simple port scan to a full attack against your Web server can be detected by the IDS system. A flag is raised when you are being attacked. Some IDS systems just monitor and alert you of an attack, whereas others try to block the attack. As we mentioned when discussing BlackICE, some firewalls alert you of attacks, acting as an IDS.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint