Information Security Officer Question: Download Information Security Professional PDF
Do you know what is the difference between an HIDS and a NIDS?
Answer:
Both acronyms are Intrusion Detection Systems, however the first is a Host Intrusion Detection System whereas the second is a Network Intrusion Detection System. An HIDS runs as a background utility in the same as an anti-virus program for instance, while a Network Intrusion Detection System sniffs packets as they go across the network looking for things that aren’t quite ordinary. Both systems have two basic variants: signature based and anomaly based. Signature based is very much like an anti-virus system, looking for known values of known ‘bad things’, while anomaly looks more for network traffic that doesn’t fit the usual pattern of the network. This requires a bit more time to get a good baseline, but in the long term can be better on the uptake for custom attacks.
Previous Question | Next Question |
Do you know what’s the difference between Symmetric and Asymmetric encryption? | Tell me are open-source projects more or less secure than proprietary ones? |