
NIDS - Network Intrusion Detection System

By: Christine Martz

NIDS stands for “Network Intrusion Detection System”: a security system that detects malicious activity on your network by hackers or others attempting to misuse or break into your system.

A Network Intrusion Detection System monitors packets on a network and tries to determine whether a hacker is attempting to break into your system, cause a denial-of-service attack, or carry out other malicious activity. For example, a system might watch for a large number of TCP connection requests to several different ports on a machine and conclude that someone is attempting a TCP port scan. A NIDS can run either on a machine that monitors its own traffic or on a dedicated machine that watches the traffic on the entire network.
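The port-scan heuristic described above, as an added example (not code from Birds-Eye.Net or from any NIDS product): it counts the distinct destination ports that receive bare SYNs from one source to one host inside a sliding time window. The record layout, the 10-second window, the 5-port threshold and the sample events are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 10.0   # assumed look-back window
PORT_THRESHOLD = 5      # assumed number of distinct ports that triggers an alert


def detect_port_scans(events, window=WINDOW_SECONDS, threshold=PORT_THRESHOLD):
    """Return [(src, dst, alert_ts, ports)] for suspected TCP port scans.

    events: iterable of (timestamp, src_ip, dst_ip, dst_port, tcp_flags),
    sorted by timestamp. Only bare SYNs (connection requests) are counted.
    """
    recent = defaultdict(deque)   # (src, dst) -> deque of (ts, dst_port)
    alerted = set()               # pairs already reported, to alert once
    alerts = []
    for ts, src, dst, dport, flags in events:
        if flags != "S":          # skip SYN-ACK, ACK, FIN, RST and so on
            continue
        key = (src, dst)
        q = recent[key]
        q.append((ts, dport))
        while q and ts - q[0][0] > window:   # expire requests outside the window
            q.popleft()
        ports = sorted({p for _, p in q})
        if len(ports) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append((src, dst, ts, ports))
    return alerts


# Constructed sample traffic (documentation address ranges), not a real capture.
SAMPLE_EVENTS = [
    (0.0, "192.0.2.10", "198.51.100.5", 443, "S"),    # ordinary client
    (0.1, "198.51.100.5", "192.0.2.10", 51000, "SA"), # server reply, ignored
    (1.0, "203.0.113.7", "198.51.100.5", 21, "S"),
    (1.1, "203.0.113.7", "198.51.100.5", 22, "S"),
    (1.2, "203.0.113.7", "198.51.100.5", 23, "S"),
    (1.3, "203.0.113.7", "198.51.100.5", 25, "S"),
    (1.4, "203.0.113.7", "198.51.100.5", 80, "S"),    # fifth distinct port
    (2.0, "192.0.2.10", "198.51.100.5", 443, "S"),    # same port again
    (30.0, "192.0.2.20", "198.51.100.5", 80, "S"),
    (45.0, "192.0.2.20", "198.51.100.5", 443, "S"),   # outside the 10 s window
]

if __name__ == "__main__":
    for alert in detect_port_scans(SAMPLE_EVENTS):
        print("possible port scan:", alert)
```

The window and threshold trade false positives from busy legitimate clients against missed scans that are spread over a longer period, so both need tuning against the monitored network's normal traffic.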

NIDS are part of a broader range of security systems called Intrusion Detection Systems (IDS). IDS also include System Integrity Verifiers (SIV), which monitor system files to detect if and when a hacker has changed them; Log File Monitors (LFM), which monitor the log files generated by the services on your network; and a variety of other security implementations.

Other Related Definitions:

“…Standalone NIDS appliances are available; however, most NIDSs are software programs that you install on dedicated workstations that contain a NIC. As traffic crosses the network segment, the NIDS uses a signature-based approach similar to that of an antivirus scanner to examine the packet. Because interrogating network traffic at software speeds can slow traffic or cause misdiagnoses, an effective NIDS will have several layers of inspection filters or preprocessors. The first layer should immediately drop from the inspection pool any packet that isn't dangerous. Each descending filter layer fine-tunes the traffic and compares only the most likely suspects with the signature database.” [SANS Institute]

“…Currently, no industry standards exist for testing any aspect of network intrusion detection systems (NIDS). The NIDS industry is maturing along the same lines as the router, switch, and firewall industries that came before it, and has now reached the point where standardization of testing and benchmarking is possible.” [Cisco Systems]

“…The NIDS usually has two types of components: the sensor module and the management module. The network sensor is the component that does the bulk of the intrusion detection. A sensor, which is a piece of software that partly resembles a packet sniffer, generally sits behind the firewall and receives a mirror of all network traffic going to and from that firewall.” [Digital Defense]

“…Most NIDSs have some sort of filtering function that allows certain types of traffic to be disregarded. There are a couple instances when this type of filtering may be of value. Firstly, if there is a server or subnet that generates a lot of traffic that does not need to be monitored. One form of this type of traffic would be multicast traffic, which is usually some type of streaming media. Some switch vendors may be able to filter the traffic before it gets to the NIDS.” [Neil Desai - SecurityFocus]

Related Links:

Optimizing NIDS Performance - Improve the performance of your NIDS
FAQ: Network Intrusion Detection Systems - Simple questions related to detecting intruders who attack systems through the network.
Intrusion Detection Systems - A NIDS Tutorial.

Technical Resources:

Distributed NIDS: A HOW-TO Guide
NIDS in a Layered Security Model
Intrusion Detection Systems

Products and Solutions:

BlackICE by Network ICE

Blogs, News, Feeds, Discussion Lists:

Focus on IDS Mailing List

Books About:

Implementing Intrusion Detection Systems : A Hands-On Guide for Securing the Network - by Tim Crothers
Intrusion Detection in Distributed Systems : An Abstraction-Based Approach - by Peng Ning
Inside Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and Intrusion Detection Systems - by Stephen Northcutt

See Also:

Other NIDS Related Resources

 


 

(C) Copyright Birds-Eye.Net, All rights reserved.
It is against the law to reproduce this content or any portion of it in any form without the explicit written permission of Birds-Eye Network Services, LLC. Federal copyright law (17 USC 504) makes it illegal, punishable with fines up to $100,000 per violation plus attorney's fees.