Information Security Resources

Entries Tagged ‘IDS’

What is Difference between Intrusion Detection System and Intrusion Prevention System?

ShivanandKadwadkar asked: How IDS and IPS achieved Most Popular IT Certification

Comments (7)

The Nuts and Bolts about Intrusion Prevention System (IPS)

An Intrusion Prevention System (IPS) is a computer security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. It is an in-line device that scans traffic and, based on a set of rules, determines whether data packets are legitimate or malicious. […]

Leave a Comment

Operations Security: Audit and Accountability

The accountability portion of security control refers to holding system users responsible for their actions by constantly monitoring all activities within the system. Consistently logging and auditing activities are ways that we monitor the system to ensure proper tracking of computer misuse. For example, as part of the auditing process, the following activities should be […]

Leave a Comment

The myths about Intrusion Detection System (IDS)

Myth # 1 IDS can handle network attacks automatically No. IDS can only assist a human being to investigate and detect any potential network attack undergoing in the network. Its still relies on the network administrator to hande the suspicious incidents. Myth # 2 Network based IDS can effectively monitor all network traffic of the […]

Comments (1)

Intrusion Detection System – is it truly automatic?

Intrusion Detection System (IDS), as its name suggests, is used to detect network anomalies. It is nothing but a combination of software and hardware used to network and host monitoring. If you are a network administrator, and you have the habit of regularly checking your server log, workstation login details, and/or firewall access logs. Then you […]

Comments (1)

Firewall cannot deal with internal network attack

Firewall is a perimeter security device. A perimeter security device is only good at protecting the internal network from external attack. That means if an intrusion originates from internal network, then firewall cannot deal with it. Statistics shows that most of the network attacks of an organization comes from internal employee and hence most likely […]

Comments (3)