Video Description

This lesson covers intrusion detection systems. This is software that is used to monitor a network segment or an individual computer. Detection systems are used to detect attacks and other malicious activity. They are dynamic in nature and there are two types: network and host based (TCP wrappers). Intrusion detection systems consist of the following: - Sensors - Analysis engine - Management console An intrusion detection systems works via pattern matching and profile comparison. If a threat is detected, the intrusion detection system responds in a passive or active way. The drawbacks of these systems is they might not be able to process all packets on large networks and there can be a lot of false alarms.

Course Modules