O'Reilly logo

Mac® Security Bible by Joe Kissell

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

22.6. Summary

No matter how carefully you've configured and tested your firewall and no matter how thoroughly you've plugged known security holes, an attacker could potentially find another way in. Instead of setting up your network and assuming it'll always remain safe, you can actively monitor your network for attempted breaches, as described in this chapter. I looked at network monitoring from several angles. First, I described a network intrusion detection system (NIDS), designed to alert you to unauthorized access of various kinds. Next, I turned to a network intrusion prevention system (NIPS), which builds on the capabilities of a NIDS to dynamically block attackers. Looking at network monitoring from the inside out, I covered an information leak detection system (ILDS), which prevents users on your network from sending sensitive information of one kind or another to the outside world. Finally, I looked at the use of honeypots to lure potential attackers away from your computers and gather data that can be used to protect them.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required