Definition: IDS (intrusion detection system): An IDS is a security countermeasure. It monitors things looking for signs of intruders. Contrast: A host-based IDS monitor system events, logfiles, and so forth. A network-based IDS monitors network traffic, usually promiscuously. Contrast: A firewall simply blocks openings into your network/system, but cannot distinguish between good/bad activity. Therefore, if you need to allow an opening to a system (like a web-server), then a firewall cannot protect against intrusion attempts against this opening. In contrast, intrusion detection systems can monitor for hostile activity on these openings. More: See http:// www.robertgraham.com/pubs/network-intrusion-detection.html for more info.
.................................
Source: Hacking-Lexicon / Linux Dictionary V 0.16
http://www.tldp.org/LDP/Linux-Dictionary/html/index.html
Author: Binh Nguyen linuxfilesystem(at)yahoo(dot)com(dot)au
.................................
