Analyzing Data from Network Equipment


Log files of routers and other network devices serve as an additional source of information on attacks that target the information resources of a corporate network. However, most organizations do not analyze these log files for traces of unauthorized activities, either because such logs do not exist or because the analysis tools (for example, netForensics) are rather expensive.

The task of collecting log-file information and analyzing logged security events can be delegated to the intrusion detection system, which in this case plays the role of a Syslog server. A Syslog server can centralize the process of collecting log-file information and detect attacks and misuses based on this information. Additionally, this measure protects log files from unauthorized modification, since all events logged by routers are immediately transmitted to the IDS sensor. This prevents the intruder from cleaning up the traces of his or her unauthorized activities.
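As an added illustration (not code from the book), the sketch below shows the analysis step a Syslog-collecting sensor could run on forwarded router messages: it decodes the syslog header and flags repeated access-list denies from one source as well as configuration changes. The sample lines are constructed, and the Cisco IOS-style message formats, the threshold and all function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample: RFC 3164-style lines as a router might forward them.
# Hosts/addresses are documentation values; message bodies assume Cisco IOS style.
SAMPLE = [
    "<190>Mar  3 10:15:01 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4312) -> 192.0.2.10(23), 1 packet",
    "<190>Mar  3 10:15:02 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4313) -> 192.0.2.10(22), 1 packet",
    "<190>Mar  3 10:15:04 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 203.0.113.9(5500) -> 192.0.2.10(80), 1 packet",
    "<190>Mar  3 10:15:05 rtr1 %SEC-6-IPACCESSLOGP: list 101 denied tcp 198.51.100.7(4314) -> 192.0.2.10(80), 1 packet",
    "<189>Mar  3 10:20:40 rtr1 %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.50)",
    "not a syslog line",
]

HEADER_RE = re.compile(r"^<(\d{1,3})>(\w{3}\s+\d+\s[\d:]{8})\s(\S+)\s(.*)$")
DENY_RE = re.compile(r"%SEC-6-IPACCESSLOGP: list (\S+) denied (\w+) ([\d.]+)\(\d+\) -> ([\d.]+)\((\d+)\)")
CONFIG_RE = re.compile(r"%SYS-5-CONFIG_I: Configured from (\S+) by (\S+)")

def parse(line):
    """Split a line into facility, severity, timestamp, host and message."""
    m = HEADER_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))  # PRI = facility * 8 + severity
    return {"facility": pri >> 3, "severity": pri & 7,
            "time": m.group(2), "host": m.group(3), "msg": m.group(4)}

def analyze(lines, deny_threshold=3):
    """Return alerts for repeated denies, config changes and unparsable input."""
    denies, alerts = Counter(), []
    for line in lines:
        ev = parse(line)
        if ev is None:
            alerts.append(("unparsed", line))  # keep malformed input visible
            continue
        d = DENY_RE.search(ev["msg"])
        c = CONFIG_RE.search(ev["msg"])
        if d:
            key = (ev["host"], d.group(3))  # reporting router, source address
            denies[key] += 1
            if denies[key] == deny_threshold:  # alert once per source
                alerts.append(("repeated-deny", ev["host"], d.group(3)))
        elif c:
            alerts.append(("config-change", ev["host"], c.group(2)))
    return alerts

if __name__ == "__main__":
    for alert in analyze(SAMPLE):
        print(alert)
```

Because the messages are evaluated on the collector rather than on the router, the alerts remain available even if the device's local log is later altered.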




Protect Your Information with Intrusion Detection
Protect Your Information with Intrusion Detection (Power)
ISBN: 1931769117
EAN: 2147483647
Year: 2001
Pages: 152
