MonALISA Grid Monitoring
D-IDS
Menu mode: dynamic | fixed
  HOME       CLIENTS       REPOSITORIES       DOWNLOADS       LOOKING GLASS       FAST DATA TRANSFER  
MonALISA
Latest News
System Design
Documentation
Publications
Download
Interactive Clients
Service Applications
Intrusion Detection
WAN Topology
Monitoring VRVS
LISA
Search And Storage System
ApMon
AvailableBandwidth
Vinci
Optical Control Planes
Repositories
Related Projects
Team
Support
Looking Glass
Last update on:
Dec 03, 2015

Uptime: 174 days, 14h, 35m
Number of requests: 5643829
since 28 October 2005
Distributed Intrusion Detection System

Intrusion Detection System (IDS) technology is an important component in designing a secure environment.
Using our agents platform we have designed a distributed intrusion detection system. (DIDS).
For this purpose the monIDS monitoring module was developed. It collects and publishes the information generated by a local instrusion detection engine (i.e SNORT,but other engines may be supported).
An specialized IDS Agent is running on the MonALISA service and in case of an alert it takes custom reactive actions (e.g. adding a blocking rule in firewall) and also broadcasts the alert in its communication group. In this way the other services can prevent possible future attacks from the same host.
The attacking hosts are dynamically moved in a black-list based on the attacks level and the frequencies of them.
A periodical report containing the intrusion alerts is generated and sent to the farm administrator.

In order to configure MonALISA to start the IDS agent/module please refer to Section 3.6 from the Service User Guide.