Inbreak detect term is contacted completely (3)

● IDS is classified 7 - Network IDS (NIDS, network IDS) : All NIDS is right shedding that undertake monitoring via monitoring network traffic of the representative, give response to questionable unusual activity and the lively action that include attack feature. NIDS contains the mixture information of IDS filter to wrap sniffer namely originally, but latter they become more intelligence is changed, can break interpret agreement and maintain position. NIDS existence is based on the product that uses a program, need to install lead plane to go up only with respect to applicable. NIDS includes the analysis that undertakes atttacking a feature to every information, but in the network high load falls, still should discard some of information package. The product of network IDS has SecureNetPro and Snort. 　

● IDS is classified 8 - Network Node IDS (NNIDS, network node IDS) : Some networks IDS is fluky below high speed, after lading, they can discard package of news of very tall proportional network, and commutative network mixes deferent information package via often can preventing hindering network IDS to see. NNIDS entrusts the function of NIDS alone lead plane, alleviated thereby the problem of high speed and exchange. Although NNIDS and individual firewall function are similar, but there still is distinction between them. To be by classify the individual firewall of NNIDS, should do an analysis to intentional join. For example, unlike discovers on a lot of individual firewall " try to join port Xxx " , a NNIDS will be right any explore do diagnostic analysis. Additional, the incident that NNIDS still can receive leader sends console of a center. NNIDS product has BlackICE Agent and Tiny CMDS. 　

● IDS classifies 9 - Personal Firewall (individual firewall) : Individual firewall installation is in separate system, prevent undesirable join, no matter be,those who come in still go out, protect lead plane system thereby. The attention does not want it and NNIDS promiscuous. Individual firewall has ZoneAlarm and Sybergen. 　

● IDS classifies 10 - Target-Based IDS (the IDS that is based on a target) : This is one of ambiguous IDS term, have different sense to different person. A possible definition is file integrality examination implement, and another definition is network IDS, what latter place searchs is only the attack feature that because suffer easily,be atttacked to those and is undertaken by network place of protection. The purpose of this definition is to raise the rate of IDS from the back, because it does not seek those needless charge. 　

IDWG (Intrusion Detection Working Group, inbreak detect working group)

Inbreak detect the program measure that the target of the working group is definition data format and commutative news, these information are to inbreaking the testing system, management system that answers system and those need and their interact has important sense. Inbreak detect working group and other IETF organization work in coordination. 　
Previous12 Next