INTRUSION DETECTION SYSTEM

An Intrusion detection system is generally considered to be any system
designed to detect attempts compromise the integrity, confidentiality or
availability of the protected network and associated computer systems. Intrusion
Detection System (IDS) aims to detect attempted compromises by monitoring
network traffic for indications that an attempted compromise is in progress, or an
internal system is behaving in a manner which indicates it may already be
compromised. A host based IDS (HIDS) monitors a single system for signs of
compromise.
The vast majority of worms and other successful cyber attacks are made possible
by vulnerabilities in a small number of common operating system services.
Attackers are opportunistic. They take the easiest and most convenient route and
exploit the best-known flaws with the most effective and widely available attack
tools. They count on organizations not fixing the problems, and they often attack
indiscriminately, scanning the Internet for any vulnerable systems. The easy and
destructive spread of worms, such as Blaster, Slammer, and Code Red, can be
traced directly to exploitation of unpatched vulnerabilities.