Talk:Host-based intrusion detection system
This is the talk page for discussing improvements to the Host-based intrusion detection system article. This is not a forum for general discussion of the article's subject. |
Article policies
|
Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL |
This article was nominated for deletion on 12 July 2011 (UTC). The result of the discussion was keep. |
This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||
|
- This page has lots of claims that are invalid (operation of HIDS, etc).
- Some of this could end up well on a HIPS page.
- This article is made of fail, in need of a complete re-write. Like this line "(Crackers are a competitive bunch...) Again, one can detect (and learn from) such changes." —Preceding unsigned comment added by 80.253.137.5 (talk) 09:57, 13 September 2008 (UTC)
Protecting the HIDS
editmilitating? Surely there is a better word to use in that sentence in the section on Protecting the HIDS. It's not clear what that sentence even means. Oswald Glinkmeyer (talk) 21:52, 2 April 2009 (UTC)
Article seems useful albeit not well written
editArticle is absent of useful (let alone, notable) references. Quality of content is lacking. For example, under section 1.3, "Protecting the HIDS" text reads, "A HIDS will usually go to great lengths to prevent the object-database,..." This is inappropriate at best. Technically, it is simply inaccurate. Securing resources maintained by the HID is a useful subject since a failure to do so can make it rather useless -- although not necessarily in any way that differs from a failure to protect everything else, suitably. A HIDS, really is a program or script. It is not a "system". It monitors its host in order to issue alerts -- if configured to do so. It is neither alive, nor intelligent so doesn't do any sort of "protection". Protecting files and other resources is a joint responsibility shared by the Operating System and the system admin.
Kernel.package (talk) 04:59, 27 July 2011 (UTC)
An HIDS does not examine network packets, if it did it would be an NIDS. If it does both then it is a hybrid NIDS/HIDS. — Preceding unsigned comment added by 86.27.152.56 (talk) 17:49, 26 January 2012 (UTC)
Removal of links
editTo me it seems that the two links in the article just links to commercial products and don't add to the value of the article. Therefor seem very similar to ads. It would make more sense to put those two products into their own articles. In this article they could be mentioned as examples for commercial HIDSs. Would that make sense?--Athaba (talk) 12:04, 23 November 2016 (UTC)
Minor cleanup
editI made a few minor tweaks to the lead prose to remove the need for parenthesis. Much of what a HIDS does is based on how it is configured. I also added an additional reference (Vacca) further down the page that can potentially be used for some other sections. I'll try to do a little more work on this stub when I get a chance. DoctorG (talk) 21:09, 14 October 2017 (UTC)