In a PC based Network Intrusion Detection System (NIDS), the packet capturing component is a key bottleneck which reduces its effectiveness. NIDS deployment on multiprocessor or distributed systems that circumvents this bottleneck do not address operating system performance limitations which are the causal factors behind this bottleneck. Completion of intrusion detection task in bounded time at the sensors is also important to detect complex and co-ordinated attack patterns. Existing Linux based packet capturing solutions, NAPI and PFRING, are inefficient and have poor real-time performance. We have implemented an user space network interface (DMA ring) to capture packets under high network load on a modest commodity platform. DMA ring outperforms existing solutions in terms of higher load bearing, packet capturing capacity and superior real-time behavior. We proposed a scheme using DMA ring, which will improve the performance of an user space NIDS.