Network-based ids (nids), Computer Network Security

Network-Based IDS (NIDS)

A NIDS resides on computer or appliance connected to segment of an organization’s network and looks for signs of attacks. While examining packets, a NIDS looks for the attack patterns. Installed at specific place in the network where it can watch traffic going into and out of particular network segment. It can detect various types of attacks, but requires much complex configuration and maintenance program.

NIDS Signature Matching


To detect an attack, NIDSs look for attack patterns, which are done by using special implementation of TCP/IP stack.In this technique of protocol stack verification, NIDSs look for invalid data packets structure. In the application protocol verification, higher order protocols are examined for the improper use.

Advantages and Disadvantages of NIDSs

Advantages:
-Good network design and placement of NIDS can enable organization to use a few devices to monitor large network
-NIDSs are usually passive and can be deployed into existing networks with little disruption to normal network operations
-NIDSs not susceptible to direct attack and may not be detectable by attackers.

Disadvantages:
-Can become overwhelmed by network volume and fail to recognize attacks
-Require access to all traffic to be monitored
-Cannot analyze encrypted packets
-Cannot reliably ascertain if attack was successful or not
- Some forms of attack are not easily discerned by NIDSs, specifically those involving fragmented packets

Posted Date: 10/9/2012 3:44:08 AM | Location : United States







Related Discussions:- Network-based ids (nids), Assignment Help, Ask Question on Network-based ids (nids), Get Answer, Expert's Help, Network-based ids (nids) Discussions

Write discussion on Network-based ids (nids)
Your posts are moderated
Related Questions
COMPONENTS OF AN INFORMATION SYSTEM The components of an information system are software, data, hardware, people, procedures and Networks. These 6 components are critical to ena

Information System Security 1. Write about: a. Potential Risks to Information Systems b. Factors to be addressed for making information systems more secure 2. Write about t

QUESTION (a) One of the biggest drawbacks that GNS3 has is that it supports only the IOS images of routers. This means that users cannot emulate Cisco switches. Suggest two sol

There are various benefits related with providing the security. They are given below,  (i)  Confidentiality/ Privacy (ii)  Integrity  (iii) Availability (iv)Authenticatio

Data units at different layers of the TCP/ IP protocol suite The data unit prepared at the application layer is known a message, at the transport layer the data unit build is

how to encryt the data in plaintext cipher

Problem: (a) Assume that a new application layer protocol is developed for video conferencing application. Which transport layer protocol, between TCP and UDP, will you u

Question: (a) Besides privacy, what other security functions does Pretty Good Privacy (PGP) provides? (b) What is the Post Office Protocol (POP) used for? Why is it impo

Question: (a) Give 2 benefits of using IPsec. (b) IPSec uses two protocol for security: Authentication Header protocol (AH) and the Encapsulated Security Header Protocol (

QUESTION (a) Describe the role of DNS root servers in the Internet network. (b) What do you understand by the handover concept in a mobile network? (c) List five meth