Security Basics mailing list archives

Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS?

From: Thrynn <thrynn404 () gmail com>
Date: Fri, 29 May 2009 12:20:46 -0400

Without knowing your infrastructure (number of servers, desktops,
routers, etc) it is hard to say whether you should care about a
network based detection system or not. If you have only one server,
then you certainly can say that it will be the only target, otherwise,
how can you be sure? In a larger network, NIDS can possibly give you
an *earlier* indication that something is happening, before your HIDS
gets tripped. I don't think one is a replacement for another and since
you point to a free HIDS, certainly cost isn't a limiting factor since
there is a free NIDS.

On Tue, May 26, 2009 at 8:46 PM, Juan B <juanbabi () yahoo com> wrote:


HI,

I am thinking that if the target of  a hacker is always the server so why I need the NIDS ? I can monitor very well 
just the servers with some kind of HIDS like Ossec and I am done no? why should I care about the NIDS when I have a 
well configured HIDS on every server?

thanks

Juan




------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. 
Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most 
concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain 
a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------

Current thread:

Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Kel (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Jeffrey Walton (Jun 01)
- <Possible follow-ups>
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Thrynn (Jun 01)
  - Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Francois Yang (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? evilwon12 (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Laurens Vets (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Aarón Mizrachi (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? lonervamp (Jun 01)
- RE: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Nick Vaernhoej (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? aditya mukadam (Jun 01)
- Re: A good question about NIDS & HIDS or why NIDS ant not just HIDS? Aarón Mizrachi (Jun 01)