Host-based intrusion detection system: Difference between revisions

Idumont (talk | contribs)
m No edit summary
m Scurity ---> Security
Line 5:
== Overview ==
{{Original research|section|date=July 2011}}
A host-based IDS is capable of monitoring all or parts of the dynamic behavior and the state of a computer system, based on how it is configured. Besides such activities as dynamically inspecting network packets targeted at this specific host (optional component with most software solutions commercially available), a HIDS might detect which program accesses what resources and discover that, for example, a word-processor has suddenly and inexplicably started modifying the system password database. Similarly a HIDS might look at the state of a system, its stored information, whether in [[Random Access Memory|RAM]], in the file system, log files or elsewhere; and check that the contents of these appear as expected, e.g. have not been changed by intruders.<ref>Vacca, John. ''Computer and Information ScuritySecurity Handbook''. Morgan Kauffman, 2013, pg. 494-495</ref>
 
One can think of a HIDS as an [[software agent|agent]] that monitors whether anything or anyone, whether internal or external, has circumvented the system's [[security policy]].
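
Review bot: the Vacca citation on the changed line still spells the publisher "Morgan Kauffman" (the imprint is Morgan Kaufmann) and gives the page range as "pg. 494-495". Since this edit already corrects the spelling of the book title, fix the publisher name and write the range as "pp. 494-495" in the same pass.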