18. Tactics for Attacking Network Security Monitoring
Chapter 17 presented tools that intruders use to confuse and evade NSM operations. We learned about applications that intruders employ to perform reconnaissance, exploitation, and other nefarious deeds. This chapter discusses strategies and tactics that intruders use to accomplish the same goal. Here the targets are the people and processes that perform NSM operations. While this chapter mentions tools, they are not analyzed to the extent they were in Chapter 17. Rather, tools are discussed if they represent a technique to defeat the people and processes that detect intrusions.
Chapter 1 introduced the idea of structured and unstructured threats. This chapter applies more to the former than ...
Get The Tao of Network Security Monitoring Beyond Intrusion Detection now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
