Chapter 22. Network Monitoring

IN THIS CHAPTER

Learning what information network monitoring can provide

Using systems that monitor a network for unauthorized access

Intelligently and dynamically blocking network intruders

Preventing unauthorized information from leaving your network

Learning about attempted attacks with honeypot decoys

Network security isn't something you can assure with a one-time audit or configuration. The Internet is constantly evolving, as are the devices you may connect to it. Operating systems and applications undergo frequent updates, new methods of attack are invented, and new exploits are discovered. As a result, you can improve your security by regularly monitoring your network for any new breaches that may have slipped past your defenses.

This chapter covers several different sorts of network monitoring, including methods that simply watch for potential threats and alert you, methods that actively work to block new threats, and methods that help to ensure that no proprietary or confidential data is sent from your network to other locations on the Internet. It also briefly discusses ways of luring attackers away from your most important Macs by using a mechanism known as a honeypot.

Get Mac® Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.