Week 8

The things learned in this session:

  • NIDS stands for network intrusion detection system, while NIPS stands for network-based intrusion prevention system. A NIDS is used to detect any anomalies present in the network. What makes a NIPS different from a NIDS is that it also tries to prevent any recognizable attack it detects.
  • HIDS and NIDS are both rule-based. The rules are the product of research conducted by people: if a researcher identifies a new attack pattern, they update the rule set by adding new rules for it.
  • There are two types of IDS: commercial and open-source. Examples of commercial IDS are Check Point IPS Software Blade, NGIPS, Extreme NIPS, and Tipping Point IPS. Examples of open-source IDS (NIDS) are Snort, Bro, Suricata, and Sagan.
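
To make the first two points concrete, here is a toy rule-based sensor, added as an illustration and not taken from the session or from any of the products listed. The rule format, the sids, the patterns and the sample requests are all constructed and far simpler than real Snort or Suricata rules. It shows a NIDS alerting while still forwarding, a NIPS dropping on a match, and a previously missed pattern being caught once a rule for it is added.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    sid: int               # constructed rule id, not a real Snort/Suricata sid
    msg: str
    pattern: re.Pattern    # byte pattern searched for in the payload

@dataclass
class Verdict:
    forwarded: bool        # False means the sensor dropped the traffic
    alerts: list           # (sid, msg) for every rule that matched

class Sensor:
    """Toy sensor: mode 'nids' only alerts, mode 'nips' also drops on a match."""
    def __init__(self, mode, rules):
        if mode not in ("nids", "nips"):
            raise ValueError("mode must be 'nids' or 'nips'")
        self.mode, self.rules = mode, list(rules)

    def add_rule(self, rule):
        # A researcher who identifies a new attack pattern extends the rule set.
        if any(r.sid == rule.sid for r in self.rules):
            raise ValueError(f"duplicate sid {rule.sid}")
        self.rules.append(rule)

    def inspect(self, payload: bytes) -> Verdict:
        alerts = [(r.sid, r.msg) for r in self.rules if r.pattern.search(payload)]
        # NIDS is passive and always forwards; NIPS blocks anything that matched.
        return Verdict(not (alerts and self.mode == "nips"), alerts)

# Constructed sample traffic (HTTP requests as raw bytes).
TRAVERSAL = b"GET /download?file=../../etc/passwd HTTP/1.1\r\nHost: example.test\r\n\r\n"
SQLI = b"GET /item?id=1%20UNION%20SELECT%20name%20FROM%20users HTTP/1.1\r\n\r\n"
BENIGN = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"

RULE_TRAVERSAL = Rule(1000001, "path traversal in URI", re.compile(rb"\.\./"))
RULE_SQLI = Rule(1000002, "SQL UNION SELECT in URI",
                 re.compile(rb"union(\s|%20|\+)+select", re.I))

def demo():
    nids, nips = Sensor("nids", [RULE_TRAVERSAL]), Sensor("nips", [RULE_TRAVERSAL])
    out = {"nids_traversal": nids.inspect(TRAVERSAL),    # alert, still forwarded
           "nips_traversal": nips.inspect(TRAVERSAL),    # alert and dropped
           "nips_sqli_before": nips.inspect(SQLI)}       # no rule yet: missed
    nips.add_rule(RULE_SQLI)                             # rule set is updated
    out["nips_sqli_after"] = nips.inspect(SQLI)          # now detected and dropped
    out["nips_benign"] = nips.inspect(BENIGN)            # clean traffic passes
    return out

if __name__ == "__main__":
    for name, v in demo().items():
        print(name, "forwarded" if v.forwarded else "dropped", v.alerts)
```

The "before" case is the practical limit of rule-based detection: traffic that no rule describes passes without an alert until someone writes the rule.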
