Chapter 14. Intrusion Detection Systems

IN THIS CHAPTER

• IDS Examples

• Signature Scanners

• IDS Theory

• Sensitivity

• Receiver Operating Characteristic Curves

• Hacking Through IDSs

• The Future of IDSs

• Strict Anomaly Detection

• Host Versus Network-Based IDSs

• Geometric Display of Data

Intrusion detection systems (IDSs) provide an additional level of security for your wireless-enabled network. Although not specific to wireless, because of the growing demand for this information we have included a short chapter here for those who take a holistic approach to network security.

By adding wireless access to your network, you are dramatically increasing your risk of compromise. To counter this increased threat, you should also consider adding additional layers of security for a defense in depth. A firewall and VPN (see Chapter 13, "Virtual Private Networks") might no longer be enough. Fortunately, a properly configured IDS can satisfy your demand for extra security by notifying you of suspected attacks.

This chapter will give an overview of IDSs, including their strengths and weaknesses. By understanding both the advantages and limitations of IDSs, you can more intelligently integrate them into your secure network design. To help you, we will provide some novel suggestions for choosing IDS technology and where to implement specific solutions in your network. Finally, we will take a look at the future of IDSs.