Definition: IDS (intrusion detection system): An IDS is a security countermeasure. It monitors things looking for signs of intruders. Contrast: A host-based IDS monitor system events, logfiles, and so forth. A network-based IDS monitors network traffic, usually promiscuously. Contrast: A firewall simply blocks openings into your network/system, but cannot distinguish between good/bad activity. Therefore, if you need to allow an opening to a system (like a web-server), then a firewall cannot protect against intrusion attempts against this opening. In contrast, intrusion detection systems can monitor for hostile activity on these openings. More: See http:// www.robertgraham.com/pubs/network-intrusion-detection.html for more info. From Hacking-Lexicon
IDS (intrusion detection system)
By Juergen Haas, About.com
Suggested Reading
Explore Linux
Must Reads
About.com Special Features
Stay connected and entertained with reviews on tips on the latest HDTVs, cellphones and more. More >
Easy ways to connect two computers for networking purposes. More >
©2009 About.com, a part of The New York Times Company.
All rights reserved.