22.6. Summary

No matter how carefully you've configured and tested your firewall and no matter how thoroughly you've plugged known security holes, an attacker could potentially find another way in. Instead of setting up your network and assuming it'll always remain safe, you can actively monitor your network for attempted breaches, as described in this chapter. I looked at network monitoring from several angles. First, I described a network intrusion detection system (NIDS), designed to alert you to unauthorized access of various kinds. Next, I turned to a network intrusion prevention system (NIPS), which builds on the capabilities of a NIDS to dynamically block attackers. Looking at network monitoring from the inside out, I covered an information leak detection system (ILDS), which prevents users on your network from sending sensitive information of one kind or another to the outside world. Finally, I looked at the use of honeypots to lure potential attackers away from your computers and gather data that can be used to protect them.
