Talk:Host-based intrusion detection system

This article was nominated for deletion on 12 July 2011 (UTC). The result of the discussion was keep.

Computer security: Computing Start‑class Low‑importance

This article is within the scope of WikiProject Computer security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer securityWikipedia:WikiProject Computer securityTemplate:WikiProject Computer securityComputer security Start This article has been rated as Start-class on Wikipedia's content assessment scale. Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Computing (assessed as Low-importance). Things you can help WikiProject Computer security with: Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

• This page has lots of claims that are invalid (operation of HIDS, etc).

• • Some of this could end up well on a HIPS page.

• • • This article is made of fail, in need of a complete re-write. Like this line "(Crackers are a competitive bunch...) Again, one can detect (and learn from) such changes." —Preceding unsigned comment added by 80.253.137.5 (talk) 09:57, 13 September 2008 (UTC)[reply]

militating? Surely there is a better word to use in that sentence in the section on Protecting the HIDS. It's not clear what that sentence even means. Oswald Glinkmeyer (talk) 21:52, 2 April 2009 (UTC)[reply]

Article is absent of useful (let alone, notable) references. Quality of content is lacking. For example, under section 1.3, "Protecting the HIDS" text reads, "A HIDS will usually go to great lengths to prevent the object-database,..." This is inappropriate at best. Technically, it is simply inaccurate. Securing resources maintained by the HID is a useful subject since a failure to do so can make it rather useless -- although not necessarily in any way that differs from a failure to protect everything else, suitably. A HIDS, really is a program or script. It is not a "system". It monitors its host in order to issue alerts -- if configured to do so. It is neither alive, nor intelligent so doesn't do any sort of "protection". Protecting files and other resources is a joint responsibility shared by the Operating System and the system admin.

Kernel.package (talk) 04:59, 27 July 2011 (UTC)[reply]

An HIDS does not examine network packets, if it did it would be an NIDS. If it does both then it is a hybrid NIDS/HIDS. — Preceding unsigned comment added by 86.27.152.56 (talk) 17:49, 26 January 2012 (UTC)[reply]

To me it seems that the two links in the article just links to commercial products and don't add to the value of the article. Therefor seem very similar to ads. It would make more sense to put those two products into their own articles. In this article they could be mentioned as examples for commercial HIDSs. Would that make sense?--Athaba (talk) 12:04, 23 November 2016 (UTC)[reply]

I made a few minor tweaks to the lead prose to remove the need for parenthesis. Much of what a HIDS does is based on how it is configured. I also added an additional reference (Vacca) further down the page that can potentially be used for some other sections. I'll try to do a little more work on this stub when I get a chance. Doctor^G  (talk) 21:09, 14 October 2017 (UTC)[reply]