O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

22.4. Information Leak Detection Systems

Now we come to the other side of the network monitoring equation: keeping an eye on data that leaves (or attempts to leave) your local network. Software or hardware that does this is known as (among other things) an information leak detection system, or ILDS. Even though the term refers to detection, ILDS products usually offer protection too — blocking outgoing data that should remain within the network.

To take a basic example, suppose you're setting up a Mac for family members — some of whom lack technical savvy or are a bit absentminded. You may want to make sure they don't accidentally send information such as credit card numbers, bank account information, or even your home address over the Internet insecurely (through email, for example, or using a non-SSL-protected web page). An ILDS can do this by watching data going over the network, looking for matches to keywords or other patterns you've designated, and blocking traffic that contains it — perhaps displaying an alert so the user knows what happened. Of course, a full-blown ILDS is overkill for an individual Mac, and software such as NetBarrier (discussed ahead) can competently keep tabs on the outgoing data for single computers.

However, if you're protecting sensitive data on a corporate network, the situation is a bit different. It may be impractical to install and maintain monitoring software on each computer, and some central authority may want to determine what data should ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required