34,333
edits
Changes
→Host-based IDS - Weaknesses
* '''Local IDS Logging Vulnerable''' - Because host-based systems often log locally on the systems they are protecting they are vulnerable to having those log files compromised to remove any record of malicious activity.
* '''IDS Tunnel Vision''' - When we talk about ''tunnel vision'' we are talking about an IDS version of the human malady where it is only possible to see a small area in front. In many ways a host-based IDSs focus solely on host based activities has a tendency to ''blind'' the systems to the larger picture in terms of traffic on the surrounding network and connected hosts.
== Network-based Intrusion Detection Systems (NIDS) ==
