Chapter 3. Identifying and Classifying Security Threats

This chapter covers the following topics:

Network Visibility

Telemetry and Anomaly Detection

Intrusion Detection and Intrusion Prevention Systems (IDS/IPS)

Worms and denial of service (DoS) attacks are used maliciously to consume the resources of your hosts and network that would otherwise be used to serve legitimate users. In some cases, misconfigured hosts and servers can send traffic that consumes network resources unnecessarily. Having the necessary tools and mechanisms to identify and classify security threats and anomalies in the network is crucial. This chapter presents several best practices and methodologies you can use to successfully and quickly identify and classify such ...
