-
Notifications
You must be signed in to change notification settings - Fork 1
401 Class 14: Intrusion Detection and Prevention Systems (IDS IPS)
Nathalie Abdallah edited this page Jan 27, 2024
·
6 revisions
Home | README.md | Portfolio | ← | →
Reading The Pros and Cons of Network Intrusion Detection Systems
An Intrusion Detection System (IDS), notifies and alerts that something is happening VS. A firewall will prevent it from happening
IDS cannot process Encrypted packets, so no notification will be sent out if intruder uses encrypted packets to slip into the network
NIDS are best if you control the network, but to add an extra layer of awareness, Host based IDS are necessary when it's a specific device you need to secure.
- They only notify, but don't have some procedure in place to handle the situations it is notifying about
- IP Packets can still be Faked (the network address can still be spoofed)
- It can be crashed by protocol analyzer bugs and invalid data, (like putting something over a regular security camera)
Videos
Network Intrusion Detection and Prevention - CompTIA Security+ SY0-501 - 2.1