Network Security Illustrated


Detecting Intrusions

Summary

No matter how good your defenses, eventually a hacker will break through. How will you know when this happens? How will you catch the villain red-handed? Intrusion detection technologies can help spot hackers during and after the fact. Some of the tools can even identify places a hacker might attack before anything bad happens.

Key Points

  • Properly deploying an intrusion detection system (IDS) is a massive undertaking that can only succeed if the organization has a compatible security philosophy and policies.
  • Regardless of the marketing, intrusion detection systems are tools for experienced network administrators—not solutions that automatically solve problems on their own.
  • Some hackers are people, but most are actually computer programs.
  • Most intrusion detection systems are designed to catch people hackers, but end up being optimized to catch program hackers.
  • As used in practice, intrusion detection systems are glorified virus scanners (and we all know how effective those are).

Connections

Detecting intrusions can only be accomplished with persistence and consistency. The technologies covered here can help to verify the integrity of systems and data and detect if an intrusion has taken place.

  • File Integrity looks at tools that can detect unauthorized modifications to critical system files and data.

  • Viruses and Trojans covers malicious applications intended to give third parties some form of control over remote computer systems.

  • Network Scanners describes programs that examine critical network systems services for configuration errors and vulnerabilities.

  • Network Sniffers covers tools that capture network traffic for the purpose of analysis and intrusion detection.

  • Logging and Analysis explores gathering and analyzing diagnostic status information from network devices and software.

  • Computer Forensics (web bonus) explores tools that help keep an articulate record of what goes in and out of a system or network, which can help recreate past usage history of computer systems.

More Information

The above information is an excerpt from "Network Security Illustrated," published by McGraw-Hill and available from amazon.com, as well as your local bookstore. The book goes into much greater depth on this topic.
