3.3. Monitoring and Diagnosing Networks

Network monitoring is an area as old as data communications. It is the process of using a data-capture device or other method to intercept information from a network. Network monitors come in two forms: sniffers and intrusion detection systems (IDSs). These tools allow you to examine the activity on your network or, in the case of an IDS, add intelligence to the process, monitor system logs, monitor suspicious activities, and take corrective action when needed.

NOTE

The concepts of network monitoring and IDS are briefly covered here. They're discussed in greater detail in Chapter 4, "Monitoring Activity and Intrusion Detection."

3.3.1. Network Monitors

Network monitors, otherwise called sniffers, were ...
