Chapter 10

Intrusion Detection Systems: In Practice

Anecdote

Intrusion detection systems (IDSes) are a form of monitoring. Another form of monitoring is open-source monitoring, whereby you scan newsgroups and forums for damaging information. Traditionally, a good pen tester or hacker will do this before every job; it’s amazing how many administrators post configs to newsgroups, asking “Why doesn’t this work?”—just the “in” we’re looking for.

Years ago, my team was doing a job for a large chemical company. The executives had some branded e-mail ...
