Network-based ids (nids), Computer Network Security

Network-Based IDS (NIDS)

A NIDS resides on computer or appliance connected to segment of an organization’s network and looks for signs of attacks. While examining packets, a NIDS looks for the attack patterns. Installed at specific place in the network where it can watch traffic going into and out of particular network segment. It can detect various types of attacks, but requires much complex configuration and maintenance program.

NIDS Signature Matching

To detect an attack, NIDSs look for attack patterns, which are done by using special implementation of TCP/IP stack.In this technique of protocol stack verification, NIDSs look for invalid data packets structure. In the application protocol verification, higher order protocols are examined for the improper use.

Advantages and Disadvantages of NIDSs

-Good network design and placement of NIDS can enable organization to use a few devices to monitor large network
-NIDSs are usually passive and can be deployed into existing networks with little disruption to normal network operations
-NIDSs not susceptible to direct attack and may not be detectable by attackers.

-Can become overwhelmed by network volume and fail to recognize attacks
-Require access to all traffic to be monitored
-Cannot analyze encrypted packets
-Cannot reliably ascertain if attack was successful or not
- Some forms of attack are not easily discerned by NIDSs, specifically those involving fragmented packets

Posted Date: 10/9/2012 3:44:08 AM | Location : United States

Related Discussions:- Network-based ids (nids), Assignment Help, Ask Question on Network-based ids (nids), Get Answer, Expert's Help, Network-based ids (nids) Discussions

Write discussion on Network-based ids (nids)
Your posts are moderated
Related Questions
Describe the process a proposed standard goes through to become an RFC

Around the globe the bank controlled Co-ops (Visa, MasterCard, Discover, and American Express) have rolled out millions of smart cards under the EMV (Europay, MasterCard, VISA) sta

Da t a compre s sion and the trans p ort s e rvices,   The main purpose of the transport layer is to provide services which are efficient, reliable and cost-effecti

(a) Briefly explain the following security goals provided by cryptography: confidentiality, authentication, integrity and non-repudiation. (b) State Kerckhoff's Princip

Question: (a) Besides privacy, what other security functions does Pretty Good Privacy (PGP) provides? (b) What is the Post Office Protocol (POP) used for? Why is it impo

For this assessment, students must research and analyse two different scenarios. The two scenarios must be chosen from those described below and submitted as one Microsoft PowerPoi

Broadcasting is the distribution of video and audio content to a whole audience via any audio or visual mass communications medium, but generally one using electromagnetic radiat

implementing password policy in organisation

Divide the user data into 6 equal sets. Use the first set for the enrollment phase of your system, and the rest for the verification phase. Use the following formula to calculate t

(a) Consider the subsequent authentication options: A. Using password. B. Using pin and fingerprint Which option A or B provides stronger security and why? (b) Give