Implementing a Windows 2000 Host Based Intrusion Detection System
Overview of Intrusion Detection Systems (IDS)

Intrusion Detection Systems detect possible intrusions into an organization's network. Attackers formulate strategies in an attempt to compromise one of the three components of Information Assurance (confidentiality, integrity, or availability). The desired result of an IDS implementation is to minimize the time between detection of an intrusion and reaction to it. Two major forms of Intrusion Detection Systems exist: Host Intrusion Detection Systems (HIDS) and Network Intrusion Detection Systems (NIDS). HIDS and NIDS complement IT security, and all organizations should consider using both forms of intrusion detection. The following overview is the culmination of several IDS primer articles located at http://www.securityfocus.net/cgi-bin/ids_topics.pl.