ABSTRACT
Network intrusion detection systems (NIDS) monitor events on a network and analyze them to determine if they indicate an incident. If it is determined that there is an incident, an alert may be raised. Network intrusion prevention systems (NIPS) are essentially the same animal except that they will also block the potentially malicious network activities. NIPS, as a packaged commercial product, came after NIDS, although it should be said that even some of the earliest open-source NIDS software packages could be configured to send a TCP layer Reset packet to shut down the potentially malicious transaction in progress.
