Collecting Proof and Handling Incidents


Intrusion detection systems can and should be used for collecting proof of unauthorized activity. They provide the following functional capabilities:

  • Logging events that take place during an attack, and saving this information for future analysis

  • Imitating non-existent applications in order to deceive the intruder (the so-called deception mode)

  • Enhanced analysis of the log files created by the system and application software, database servers, web servers, and so on

  • The possibility of investigating security events before taking any specific action

  • Obtaining information on the intruder, including his DNS and NetBIOS names and his MAC and IP addresses
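
The sketch below is an added example, not code from the book. It combines three of the capabilities listed above: a decoy listener that imitates a service which is not actually running, logs each connection for later analysis, and records the source address of whoever connected. The banner text, function names and log format are assumptions made for the illustration.

```python
import hashlib, json, socket, threading, time

# Constructed banner for a service that is not actually running on this host.
BANNER = b"220 FTP server ready\r\n"

def record(conn, peer):
    """Send the decoy banner, capture the client's first bytes, build the event."""
    with conn:
        conn.settimeout(2.0)
        try:
            conn.sendall(BANNER)
            data = conn.recv(1024)
        except OSError:          # timeout or reset: still log the connection
            data = b""
    return {
        "time": time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime()),
        "src_ip": peer[0],
        "src_port": peer[1],
        "payload": data.decode("latin-1"),
        "payload_sha256": hashlib.sha256(data).hexdigest(),
    }

def start_decoy(host="127.0.0.1", port=0, max_conns=1, log_path=None):
    """Listen on host:port (0 = any free port); return (thread, port, events)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, port))
    srv.listen()
    events = []

    def serve():
        with srv:
            for _ in range(max_conns):
                conn, peer = srv.accept()
                event = record(conn, peer)
                events.append(event)
                if log_path:     # one JSON object per line, kept for later analysis
                    with open(log_path, "a") as fh:
                        fh.write(json.dumps(event) + "\n")

    bound_port = srv.getsockname()[1]
    t = threading.Thread(target=serve, daemon=True); t.start()
    return t, bound_port, events

if __name__ == "__main__":
    thread, port, events = start_decoy()
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:
        c.recv(1024)
        c.sendall(b"USER admin\r\n")   # constructed probe from a local test client
    thread.join(5)
    print(json.dumps(events, indent=2))
```

Because nothing legitimate should ever connect to a decoy port, every event it records is worth investigating before any response is taken.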




Protect Your Information with Intrusion Detection
Protect Your Information with Intrusion Detection (Power)
ISBN: 1931769117
EAN: 2147483647
Year: 2001
Pages: 152
