Target-based intrusion detection is a process by which the detection engine customizes its behavior based on the characteristics of the target of an attack. For example, it does not make sense for an IDS to treat an Apache Web server on FreeBSD 7.0 the same as an IIS Web server on Windows Server 2003 when an intruder attacks it. Ideally the IDS would understand the differences in the two computer's network stacks and other features affecting detection choices. Snort indeed supports various forms of target-based intrusion detection techniques, and the tool is a leader in this respect.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.