What is an Intrusion Detection System (IDS) ?

Many people mistakenly assume that when they purchase (or rent) and firewall / router for their home, that means that someone is protecting them from attacks.  Although this is true at the most basic level, certainly it would be the equivilent of putting door and windows on your home or office. 

Yes, the most basic attempts to get into your network may be stopped.  However, anything beyond that is a wide open risk.    A basic firewall / router may not even  lock the basic doors to protect you.    Most of these devices have external controls avaiable.  These can be used to control the device from outside of your home.   In fact from anywhere in the world. Even worse, many have known default usernames and password to control their all of their powerful functions. 

It is the equvilent of leaving your key in the front door, or a sticker with your access code right on the combination lock. 

Once through the front door, the protection delivered a firewall / router is no longer in play.   User traffic (in person or most likely automated hacking), will begin to traverse your home, looking for devices to connect to an exploit.

Your computers are most likely protected via anti-virus / malware protection, but any home automation devices (games, personal assistants (alexa, echo, etc,) are vulnerable.  

An IDS monitors all traffic inside and network , looking for abnormalities.  Then, if its an Reactive IDS, or had SIEM functionality, then it can take action to protect you and your devices.

Learn more about SIEM functionality next…

Here is a quick reference for you – https://en.wikipedia.org/wiki/Intrusion_detection_system

Leave a Reply

Your email address will not be published. Required fields are marked *