Encyclopedia > Network intrusion detection system

  Article Content

Network intrusion detection system

A network intrusion detection system (NIDS) is a system that tries to detect cracker activity such as denial of service attacks, port-scans or even attempts to crack into computers.

The NIDS does this by reading all the incoming packets and trying to find suspicious patterns. If, for example, a large number of TCP connection requests to a very large number of different ports is observed, one could assume that there is someone committing a "portscan" at some of the computer(s) in the network. It also (mostly) tries to detect incoming shellcodes in the same manner that an ordinary intrusion detection systems does.

Often, network intrusion detection systems work with other systems as well. They can for example update some firewalls' blacklist with the IP addresses of computers used by (suspected) crackers.

See also: intrusion detection system, intelligent intrusion detection systems[?]



All Wikipedia text is available under the terms of the GNU Free Documentation License

 
  Search Encyclopedia

Search over one million articles, find something about almost anything!
 
 
  
  Featured Article
242

... - 3rd century - 4th century Decades: 190s 200s 210s 220s 230s - 240s - 250s 260s 270s 280s 290s Years: 237 238 239 240 241 - 242 - 243 244 245 246 ...

 
 
 
This page was created in 38.9 ms