What is an intrusion detection system (IDS)?
A device or software application that monitors a network or systems for malicious activity or policy violations.
An IDS is a security tool that listens to your network traffic or monitors your system logs to detect signs of an attack. Unlike a firewall, which blocks traffic, an IDS is primarily focused on detection and alerting. It can be network-based (NIDS) or host-based (HIDS).
🧒 Explain like I'm 5
An IDS is like a security camera in a bank. It doesn't lock the doors (the [firewall](/pt/terms/firewall) does that), but it watches everyone. If someone starts trying to pick a lock or acting suspicious, the camera sends an alert to the security guard so they can come and stop the intruder.
🤓 Expert Deep Dive
An IDS uses two main methods: signature-based detection (looking for known patterns of malware) and anomaly-based detection (using machine learning to find 'weird' behavior that doesn't match the normal baseline). Modern systems often combine both and integrate with an IPS (Intrusion Prevention System) to automatically stop the attacks they find.
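The two methods side by side, as an added example that is not part of the original page: a signature pass and an anomaly pass run over the same constructed access log, showing that each flags traffic the other misses. The rule set, log lines and baseline are constructed for illustration, and a simple z-score against the baseline stands in for the machine-learning model.

```python
import re
import statistics

# Signature-based: fixed patterns for known-bad input (constructed rules, not a real ruleset).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-injection": re.compile(r"(?i)union\s+select"),
}

def signature_alerts(lines):
    """Return (line_number, rule_name) for every line matching a known pattern."""
    return [(n, name) for n, line in enumerate(lines, 1)
            for name, rx in SIGNATURES.items() if rx.search(line)]

def requests_per_source(lines):
    """Count requests per source address (first field of each log line)."""
    counts = {}
    for line in lines:
        src = line.split()[0]
        counts[src] = counts.get(src, 0) + 1
    return counts

def anomaly_alerts(baseline, observed, threshold=3.0):
    """Flag sources whose request count sits more than `threshold` standard
    deviations from the baseline mean (assumption: z-score in place of an ML model)."""
    mean = statistics.mean(baseline)
    stdev = statistics.stdev(baseline)
    return sorted(src for src, count in observed.items()
                  if stdev and abs(count - mean) / stdev > threshold)

# Constructed sample log; 192.0.2.0/24 is a documentation-only address range.
LOG = [
    '192.0.2.10 "GET /index.html"',
    '192.0.2.11 "GET /download?file=../../etc/passwd"',
    '192.0.2.12 "GET /search?q=1 UNION SELECT name FROM users"',
] + ['192.0.2.13 "GET /login"'] * 40
# Constructed baseline: requests per source per minute observed during normal operation.
BASELINE = [2, 3, 1, 4, 2, 3, 2, 1, 3, 2]

if __name__ == "__main__":
    for n, rule in signature_alerts(LOG):
        print(f"signature alert: line {n} matched {rule}")
    for src in anomaly_alerts(BASELINE, requests_per_source(LOG)):
        print(f"anomaly alert: {src} request rate outside baseline")
```

The source at 192.0.2.13 sends only well-formed requests, so no signature fires and only the rate baseline catches it; the two single malicious-looking requests stay within the normal rate and are caught only by their signatures.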