| Network intrusion detection systems identify security | | | | Network intrusion detection systems are now among |
| threats by detecting malicious activity such as scans, | | | | the most commonly used network based security |
| denial of service attacks and unauthorized access | | | | tools. |
| through the examination of network traffic. They are | | | | If a networked computer system is not equipped with |
| installed at strategic points on the network to monitor | | | | a network intrusion detection system the network |
| traffic to and from all hosts on the network. Unlike a | | | | administrators could be unaware of many attacks that |
| packet filter or firewall, where a packet filtering | | | | take place and only become aware of a successful |
| decision is made on weather or not to allow traffic to | | | | attack when it symptoms occurs. An example of such |
| continue, network intrusion detection systems do not | | | | an attack could be where an unauthorized user |
| interfere with network traffic in any way. In simple | | | | retrieves password files from a login server without |
| terms these systems could be described as a packet | | | | damaging the host. The attack may only become |
| sniffer that also analyzes the captured packets. | | | | apparent when the intruder uses the password to gain |
| In 1997 ISS released RealSecure, the first commercial | | | | root privileges, by which time the system security |
| network intrusion detection system which soon began | | | | would be severely compromised. In an environment |
| to gain in popularity. The following year Cisco took an | | | | equipped with a network intrusion detection system, |
| interest in this area of security by purchasing a security | | | | when a successful or unsuccessful attack occurs, a |
| company called 'Wheel Group' in order to supply their | | | | security alert is generated and information is collected |
| customers with similar technologies. From that point, a | | | | which could be invaluable as evidence if legal action is |
| host of companies took interest and became involved | | | | to be taken or in preventing the attack from happening |
| in developing and evolving commercial systems. | | | | again. |