Origin of Attacks

Threats to information resources come in a variety of forms. Information security can be compromised by very simple means: an insider, for example, can walk off with backup tapes of confidential customer information. Although there are many threats to digital infrastructure, this section focuses on the network-borne threats that an IDS is designed to monitor for.

Network-based threats can be separated into two categories: internal and external. Network security at most organizations can be compared to an egg: The hard outer shell is somewhat difficult to penetrate, but after the outer shell is breached, the inside is soft, gooey, and offers no protection. This castle-like defense of firewalls, DMZs, hardened hosts, and IDSs ...
