What is Host-based Intrusion Detection System (HIDS)

What is Host-based Intrusion Detection System (HIDS) X6ErktX

An HIDS monitors inbound and outbound network activity, networking service ports, system log files, and time stamps and content of data and configuration files to ensure they have not been changed.

An HIDS monitors specific host or device for suspicious behavior that could indicate someone is trying to break into the system.

A host-based system needs to be installed on a specific system or device. The host-based system can only monitor the system on which it is installed and is typically used for critical server systems rather than user workstations.

A host-based system can detect attacks that occur from a malicious user who is physically accessing the system console, rather that over the network. The unauthorized user may be trying to access an administrator account or trying to copy files to or from the system, for example. The intrusion detection system (IDS) is able to alert the administrator if someone has tried to log in to an account unsuccessfully too many times.



Did you find this tutorial helpful? Don’t forget to share your views with us.
A GeekPolice Security Tutorial