Definition: IDS (intrusion detection system): An IDS is a security countermeasure. It monitors a system or network, looking for signs of intruders. Contrast: A host-based IDS monitors system events, logfiles, and so forth on the machine it protects. A network-based IDS monitors network traffic, usually promiscuously (i.e. capturing all packets on the wire, not just those addressed to it). Contrast: A firewall simply blocks openings into your network/system based on addresses and ports; it cannot distinguish good from bad activity on an opening it permits. Therefore, if you must leave an opening to a system (such as port 80 on a web server), a firewall cannot protect against intrusion attempts that arrive through that opening. In contrast, an intrusion detection system can monitor the permitted traffic on these openings for hostile activity. More: See http://www.robertgraham.com/pubs/network-intrusion-detection.html for more info. From Hacking-Lexicon
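The firewall/IDS contrast above, as an added example (not part of the Hacking-Lexicon entry or of any real product): a toy port-based firewall rule that admits everything on port 80, a toy signature-based network IDS that inspects the payload of that admitted traffic, and a toy host-based check over authentication log lines. The packets, log lines, signatures and function names are all constructed for illustration; the SAMPLE_* data and the IDS_SIGNATURES list are assumptions, not real rules or captures.

```python
"""Toy firewall vs. IDS illustration (constructed example, not real tooling)."""
import re
from dataclasses import dataclass


@dataclass
class Packet:
    src: str
    dst_port: int
    payload: str


# Constructed sample traffic. Three of the four packets target the web
# server's port 80, which the firewall must leave open.
SAMPLE_TRAFFIC = [
    Packet("10.0.0.5", 80, "GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
    Packet("10.0.0.9", 80, "GET /cgi-bin/../../../../etc/passwd HTTP/1.0\r\n\r\n"),
    Packet("10.0.0.7", 23, "login: root\r\n"),
    Packet("10.0.0.9", 80, "GET /search?q=' OR '1'='1 HTTP/1.1\r\nHost: www.example.com\r\n\r\n"),
]

# The firewall policy: only web ports are open. It never looks at payloads.
FIREWALL_ALLOWED_PORTS = {80, 443}


def firewall_decision(pkt: Packet) -> str:
    """Port-based allow/deny; cannot tell a benign GET from an attack."""
    return "allow" if pkt.dst_port in FIREWALL_ALLOWED_PORTS else "deny"


# Assumed signatures for a network-based IDS: patterns in the application
# payload that a port filter cannot see.
IDS_SIGNATURES = [
    ("directory-traversal", re.compile(r"\.\./")),
    ("sqli-tautology", re.compile(r"'\s*OR\s*'1'\s*=\s*'1", re.IGNORECASE)),
    ("shell-command", re.compile(r"/bin/sh|cmd\.exe", re.IGNORECASE)),
]


def ids_alerts(pkt: Packet) -> list:
    """Return the names of every signature that matches the payload."""
    return [name for name, rx in IDS_SIGNATURES if rx.search(pkt.payload)]


def inspect(traffic) -> list:
    """Run each packet through the firewall rule and the IDS signatures."""
    return [
        {
            "src": pkt.src,
            "port": pkt.dst_port,
            "firewall": firewall_decision(pkt),
            "ids": ids_alerts(pkt),
        }
        for pkt in traffic
    ]


# Constructed auth log lines for the host-based side: the same attacker
# hammering sshd on the protected host.
SAMPLE_AUTH_LOG = [
    "Mar  3 10:01:02 web1 sshd[411]: Failed password for root from 10.0.0.9 port 51022 ssh2",
    "Mar  3 10:01:04 web1 sshd[411]: Failed password for root from 10.0.0.9 port 51023 ssh2",
    "Mar  3 10:01:05 web1 sshd[412]: Failed password for admin from 10.0.0.5 port 40011 ssh2",
    "Mar  3 10:01:06 web1 sshd[411]: Failed password for root from 10.0.0.9 port 51024 ssh2",
    "Mar  3 10:01:09 web1 sshd[413]: Accepted publickey for deploy from 10.0.0.5 port 40012 ssh2",
    "Mar  3 10:01:11 web1 sshd[411]: Failed password for root from 10.0.0.9 port 51025 ssh2",
]

FAILED_LOGIN = re.compile(r"Failed password for (\S+) from (\S+) port")


def host_alerts(log_lines, threshold: int = 3) -> dict:
    """Host-based IDS check: sources with >= threshold failed logins."""
    counts = {}
    for line in log_lines:
        m = FAILED_LOGIN.search(line)
        if m:
            src = m.group(2)
            counts[src] = counts.get(src, 0) + 1
    return {src: n for src, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    for row in inspect(SAMPLE_TRAFFIC):
        print(row)
    print("host alerts:", host_alerts(SAMPLE_AUTH_LOG))
```

Running it shows the point of the entry: the firewall allows three of the four packets because they use port 80, and only the payload signatures separate the benign index.html request from the traversal and injection attempts; the telnet packet is the one case the firewall alone handles. The host-based check sees none of the network traffic but catches the brute-force attempt from the host's own logs.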

