“Attack him where he is unprepared; appear where you are not expected.”
—Sun Tzu, The Art of War
The previous chapters have discussed defense techniques that focus on host-based solutions. This short chapter introduces worm behavior patterns on the wire and related technology that can detect and prevent worms and network intrusions, backdoors, and some types of DoS attacks.
The following key defense techniques will be discussed:
• Access lists using routers
• NIDS (network-intrusion detection system)
• Early warning systems
• Worm-capturing techniques
In this chapter, I will focus on worm behavior patterns with several network-level worm captures and related ...