15.6. Intrusion-Detection and -Prevention Systems

If someone has broken into your network, how would you know? I mean, it's not like you're going to find broken windows or the door left wide open, right? Although it's true that you won't be dusting for prints, bad guys who break into networks still leave clues behind that can help you sleuth out their identities as well as how they gained access. A great tool for doing network detective work is known as an Intrusion Detection System (IDS).

Firewalls are designed to block nasty traffic from entering your network, but IDS is more of an auditing tool: It keeps track of all activity on your network so you can see if someone has been trespassing. Because IDSs are a fairly new technology, people are ...

Get CompTIA Network+® Study Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.