Network Monitoring for Intrusion Detection
Source: SecurityFocus - Posted by Derrick Lewis   
Intrusion Detection In the world of intrusion detection, we tend to focus on detecting attacks and clearly anomalous activity. However, another important component of a complete intrusion detection solution is basic network monitoring and traffic analysis. Network monitoring collects information on connections, while . . . In the world of intrusion detection, we tend to focus on detecting attacks and clearly anomalous activity. However, another important component of a complete intrusion detection solution is basic network monitoring and traffic analysis. Network monitoring collects information on connections, while traffic analysis allows us to see what services are being used on a network and to compare that against the activity that we should be seeing. This allows us to identify unauthorized services being used within a network, as well as gaps in network perimeter defenses. By combining basic network monitoring and traffic analysis with other intrusion detection methods, you can establish better overall security. In this article, I will present an introduction to network monitoring and traffic analysis.

Read this full article at SecurityFocus

Only registered users can write comments.
Please login or register.

Powered by AkoComment!