Network-Based IDS (NIDS), Computer Network Security

Network-Based IDS (NIDS)

A NIDS resides on a computer or appliance connected to a segment of an organization’s network and looks for signs of attacks. While examining packets, a NIDS looks for attack patterns. It is installed at a specific place in the network where it can watch traffic going into and out of a particular network segment. It can detect various types of attacks, but requires a complex configuration and maintenance program.

NIDS Signature Matching


To detect an attack, NIDSs look for attack patterns. This is done by using a special implementation of the TCP/IP stack. In protocol stack verification, the NIDS looks for invalid data packet structure. In application protocol verification, higher-order protocols are examined for improper use.
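The following sketch of protocol stack verification is an added example, not code from the original page. The specific checks (header lengths, fragment bits, TCP flag combinations) and the helper names `verify_ipv4_tcp` and `build_packet` are illustrative assumptions, and the sample packets are constructed.

```python
import struct

def verify_ipv4_tcp(pkt: bytes) -> list:
    """Protocol stack verification: list structural anomalies in a raw IPv4/TCP packet.
    Checksums are not verified in this sketch."""
    if len(pkt) < 20:
        return ["truncated IPv4 header"]
    ver_ihl, _, total_len, _, flags_frag, _, proto = struct.unpack("!BBHHHBB", pkt[:10])
    ihl = (ver_ihl & 0x0F) * 4          # header length field is in 32-bit words
    if ver_ihl >> 4 != 4:
        return ["IP version is not 4"]
    if ihl < 20 or ihl > len(pkt):
        return ["invalid IPv4 header length"]
    findings = []
    if total_len != len(pkt):
        findings.append("IPv4 total length disagrees with captured length")
    dont_frag = flags_frag & 0x4000
    is_fragment = flags_frag & 0x3FFF   # MF bit set or non-zero fragment offset
    if dont_frag and is_fragment:
        findings.append("DF set on a fragment")
    if is_fragment:
        # The TCP header may be split or absent; a real sensor reassembles first.
        findings.append("fragment: reassemble before checking TCP")
        return findings
    if proto != 6:                      # only TCP is examined in this sketch
        return findings
    tcp = pkt[ihl:]
    if len(tcp) < 20:
        return findings + ["truncated TCP header"]
    data_off, flags = (tcp[12] >> 4) * 4, tcp[13] & 0x3F
    if data_off < 20 or data_off > len(tcp):
        findings.append("invalid TCP data offset")
    if flags & 0x02 and flags & 0x01:
        findings.append("SYN and FIN both set")
    if flags & 0x02 and flags & 0x04:
        findings.append("SYN and RST both set")
    if flags == 0:
        findings.append("no TCP flags set")
    return findings

def build_packet(tcp_flags=0x02, flags_frag=0, data_off_words=5, total_len=40):
    """Constructed sample: 20-byte IPv4 header + 20-byte TCP header, documentation addresses."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 1, flags_frag, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, data_off_words << 4, tcp_flags, 8192, 0, 0)
    return ip + tcp
```

A well-formed SYN from `build_packet()` yields no findings, while a fragment stops the TCP checks early, which is the blind spot the disadvantages list attributes to fragmented packets.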

Advantages and Disadvantages of NIDSs

Advantages:
- Good network design and placement of NIDS can enable an organization to use a few devices to monitor a large network
- NIDSs are usually passive and can be deployed into existing networks with little disruption to normal network operations
- NIDSs are not susceptible to direct attack and may not be detectable by attackers

Disadvantages:
- Can become overwhelmed by network volume and fail to recognize attacks
- Require access to all traffic to be monitored
- Cannot analyze encrypted packets
- Cannot reliably ascertain whether an attack was successful or not
- Some forms of attack are not easily discerned by NIDSs, specifically those involving fragmented packets

Posted Date: 10/9/2012 3:44:08 AM | Location : United States






