IDS Fundamentals - cyber security 101,walkthrough
_Task -1: What is an IDS _ A firewall is usually the first line of defense in a network. It sits at the boundary and checks traffic that is coming in or going out. If the traffic matches the allowed rules, it lets it pass. If it violates the rules, it blocks it. Simple. But here’s the catch. What if an attacker sends traffic that looks completely normal? The firewall sees nothing suspicious and allows it. Now the attacker is inside the network. Once inside, the attacker might start scanning systems, trying passwords, or accessing sensitive data. At this point, the firewall has already done its job. It allowed the connection. It doesn’t monitor what happens afterward. This is where an Intrusion Detection System (IDS) comes in. Think of it like building security. The firewall is the security guard at the gate. The IDS is the CCTV camera inside the building. Even if someone manages to enter through the gate, the cameras are still watching. If that person starts doing something suspicious,
Continue reading on Dev.to
Opens in a new tab
