| Networking intrusion detection systems are highly | | | | all the computer in your network. Besides |
| essential to detect malicious activities taking place | | | | incoming network traffic, NIDS can detect any |
| in network environments. Such malicious activities | | | | intrusions taking place from outgoing traffic as |
| may include hacking, attempts by unauthorized | | | | well. If an attack has been launched from inside of |
| users to hack into your computer by examining | | | | your network segment, it will not be taken as |
| network traffic, denial of service attacks or port | | | | incoming traffic. |
| scans. | | | | |
| | | | | How Network Intrusion Detection Systems |
| How Network Intrusion Detection Systems | | | | (NIDS) Act as Packet Sniffers |
| (NIDS) Work | | | | Network intrusion detection systems usually |
| | | | | correlate with other systems and security tools. |
| A network intrusion detection system is a | | | | This means that they are capable of updating |
| technical device that checks on various activities | | | | blacklist of some firewalls with the IP addresses |
| on your network. For instance, you can supervise | | | | that were used by attackers. A NIDS does not |
| the in-and-out flow of data and monitor network | | | | impede the network traffic at all, unlike a firewall |
| traffic by installing NIDSs in your network. There | | | | or packet filter. Simply put, NIDSs act as packet |
| are specific points in the network where NIDSs | | | | sniffers and perform an analysis of the captured |
| are installed to check the traffic to and from all | | | | packets. |
| the other computers attached in the network. | | | | |
| | | | | Whenever a successful or unsuccessful attack |
| NIDSs also filter every single incoming packet to | | | | takes place in an environment secured with NIDS, |
| detect it for signatures, rules or any suspicious | | | | you can generate a security alert. You can collect |
| patterns. Suppose you observe numerous TCP | | | | necessary information that you use as important |
| connection sending requests to many different | | | | evidence, in case legal action is required. This also |
| ports. Then you can expect that an unauthorized | | | | helps you to handle such attacks in the future. |
| person is trying to conduct a port scan on few or | | | | |