Chapter 13
Intrusion Detection and Event Monitoring
About This Chapter
Regardless of the security of your network, attacks can and do occur. These events range from malicious intrusions to denial of service attacks that inhibit your Internet servers. To respond to these events quickly, you must detect them by closely monitoring event and audit logs. In this chapter, you look at strategies for detecting network intrusions and methods of using event-monitoring features in Microsoft Windows 2000.
Before You Begin
To complete this chapter, you must have
A domain controller for the domain.fabrikam.com domain
A member workstation in the domain
A workstation in the domain