Chapter 26. Detecting and Reacting to Intrusions
In this chapter
This chapter explains the necessity of security incident reporting and provides a few ways to find out when you have been cracked or whether you are actively under attack by a remote host.
The chapter has four distinct parts. The first part deals with building an IRT (Intrusion Response Team) for your company. The second part deals with techniques you can use to detect possible intrusions on your network. It covers some of the basics as well as some advanced techniques to find the whos, whats, whys, and wheres of an attack. The next part of the chapter discusses ...
Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
