7.2. NIDS Limitations

So far, the various IDS types seem like wonderful security devices. Even though we'll focus the rest of the chapter on NIDS, keep in mind that the drawbacks and challenges of an NIDS can apply to the other IDS types as well. In fact, the authors of a popular column in the trade magazine InfoWorld declared NIDS dead at the end of the year 2000 because of switched network technologies, imperfect one-size-fits-all attack signatures, high-volume network traffic overloading NIDS systems, and encrypted network data hiding pertinent attack information from the NIDS system, while leaving web servers vulnerable. Many times NIDS systems simply cannot respond in time to prevent an attack. It is now apparent, however, that NIDS, while ...

Get Mastering™ Network Security, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.