Security Monitoring with Cisco Security MARS by Greg Kellogg, Gary Halleen

Chapter 4. Securing CS-MARS

A Security Information Management (SIM) system can contain a tremendous amount of sensitive information. This is because it receives event logs from security systems throughout a network. These logs potentially contain information that can be used to target attacks at sensitive systems. For example, intrusion detection system (IDS) logs can contain actual packets seen on the network. Some of these packets can be decoded with freely available packet analyzers to find usernames and passwords that your employees might be using to access websites, e-mail systems, and network devices.

Although security people always encourage users to select unique passwords for company networks, the reality is that many users tend to reuse ...
