Intrusion Detection Systems

From InfoAnarchy
Jump to: navigation, search

See also: Attack | Security | Privacy

Acronym: Intrusion Detection System

A method to detect attacks against the integrity of an information system. Virus detection is also related to general intrusion detection. In fact this is just a part of what is known as Intrusion Detection Systems, specifically Host Based Intrusion Detection Systems. Another part is Network Based Intrusion Detection Systems.

An IDS is usually part of a computer security regime, typically using software to help users to remove spyware or setup a software firewall and other privacy software.

A thorough knowledge of networking together with operating system and software exploits are becoming more important to users that connect to other computers, especially if they want to maintain maximum bandwidth capacity for themselves.

Software Titles

  • AIDE - Homepage. GNU Homepage. - The Advanced Intrusion Detection Environment does everything Tripwire (tm) does and more. -- The program creates a database from the regular expression rules that it finds from the config file. Once this database is initialized you can use it to verify the integrity of the files. It has several message digest algoriths that are used to check the integrity of the file. More algorithms can be added with relative ease. All of the usual file attributes can also be chacked for inconsistencies. It can read databases from older or newer versions.
  • Snort - Snort Homepage. Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
  • Prelude - Prelude Homepage. Prelude is an innovative Hybrid Intrusion Detection (NIDS+HIDS) system designed to be very modular, distributed, rock solid and fast.