Intrusion Detection Systems
Acronym: Intrusion Detection System
A method to detect attacks against the integrity of an information system. Virus detection is also related to general intrusion detection. In fact this is just a part of what is known as Intrusion Detection Systems, specifically Host Based Intrusion Detection Systems. Another part is Network Based Intrusion Detection Systems.
A thorough knowledge of networking together with operating system and software exploits are becoming more important to users that connect to other computers, especially if they want to maintain maximum bandwidth capacity for themselves.
- AIDE - Homepage. GNU Homepage. - The Advanced Intrusion Detection Environment does everything Tripwire (tm) does and more. -- The program creates a database from the regular expression rules that it finds from the config file. Once this database is initialized you can use it to verify the integrity of the files. It has several message digest algoriths that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be chacked for inconsistencies. It can read databases from older or newer versions.
- Snort - Snort Homepage. Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.