IDS, Firewalls, and Honeypots

Introduction

Chapter 10 introduces you to three technologies that can be used to help protect and guard the network: Intrusion Detection Systems (IDS), firewalls, and honeypots. An IDS can be used to inspect network or host activity. They identify suspicious traffic and anomalies. IDS systems act similar to security guards. Although security guards monitor the activities of humans, IDS systems monitor the activity of the network. IDS systems don't fall asleep or call in sick like a security guard, but they are not infallible. They require a sizeable amount of time and tuning to do a great job. Firewalls are the next piece of defensive technology discussed. Firewalls can be hardware or software devices that protect the resources of a protected network. A firewall acts as a type of barrier or wall and blocks or restricts traffic. Firewalls are much like a border crossing in that they offer a controlled checkpoint to monitor ingress and egress traffic. Modern organizations rely heavily on firewalls to protect the network. The third topic in this Chapter is honeypots. Although the first two topics deal with technologies to keep hackers out or to detect their presence, honeypots are actually designed to lure them in. A honeypot might actually be configured to look like it has security holes or vulnerabilities. This Chapter discusses how they can be used to protect a real network and to monitor the activities of hackers.

Intrusion Detection Systems

Part I: Exam Preparation

The Business Aspects of Penetration Testing

The Technical Foundations of Hacking

Footprinting and Scanning

Enumeration and System Hacking

Linux and Automated Security Assessment Tools

Trojans and Backdoors

Sniffers, Session Hijacking, and Denial of Service

Web Server Hacking, Web Applications, and Database Attacks

Wireless Technologies, Security, and Attacks

IDS, Firewalls, and Honeypots

Buffer Overflows, Viruses, and Worms

Cryptographic Attacks and Defenses

Physical Security and Social Engineering

Part II: Final Review

Part III: Appendixes

Appendix A. Using the ExamGear Special Edition Software



Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net