Protect Your Information with Intrusion Detection 

1 2 3 4

• 1. Table of Contents

• 2. BackCover

• 3. Protect Your Information with Intrusion Detection

• 4. Introduction

  Intended Audience

• 5. Content Overview

  Content Overview

• 6. Chapter 1: Introduction to Intrusion Detection

  The Need for Intrusion Detection Technologies

• 7. Information System Levels

  Information System Levels

• 8. Traditional Security Tools

  Traditional Security Tools Shortcomings of Traditional Security Firewall Evasion

• 9. Summary

  Summary

• 10. Chapter 2: Anatomy of an Attack

  Overview

• 11. Security Events

  Security Events

• 12. Vulnerabilities

  Vulnerabilities Classification of Vulnerabilities

• 13. Attacks

  Attacks Informal Model of an Attack Model of a Traditional Attack Distributed Attack Model Result of an Attack Steps in Attack Implementation Tools of Attack Implementation Attack Classification Databases of Vulnerabilities and Attacks

• 14. Incidents

  Incidents

• 15. Intruders

  Intruders Intruder Goals

• 16. Summary

  Summary

• 17. Chapter 3: Introduction to Intrusion Detection

  Overview

• 18. Backing up Firewalls

  Backing up Firewalls

• 19. Controlling File Access

  Controlling File Access

• 20. Controlling Unreliable Employees and Preventing Information Leaks

  Controlling Unreliable Employees and Preventing Information Leaks

• 21. Protection against Viruses

  Protection against Viruses

• 22. Controlling the Administrator s Activities

  Controlling the Administrator s Activities

• 23. Controlling Internet Access

  Controlling Internet Access

• 24. Detecting Unknown Devices

  Detecting Unknown Devices

• 25. Analyzing the Efficiency of Firewall Settings

  Analyzing the Efficiency of Firewall Settings

• 26. Analyzing Information Flows

  Analyzing Information Flows

• 27. Analyzing Data from Network Equipment

  Analyzing Data from Network Equipment

• 28. Collecting Proof and Handling Incidents

  Collecting Proof and Handling Incidents

• 29. Performing Inventory and Creating a Network Map

  Performing Inventory and Creating a Network Map

• 30. Detecting Default Configurations

  Detecting Default Configurations

• 31. Controlling the Efficiency of the IT Department

  Controlling the Efficiency of the IT Department

• 32. Intrusion Detection Systems and Other Security Tools

  Intrusion Detection Systems and Other Security Tools

• 33. Summary

  Summary

• 34. Chapter 4: The Three Basic Principles of Intrusion Detection

  Overview

• 35. Attack Indications

  Attack Indications Repeated Occurrence of Specific Events Controlling Threshold Values Controlling Time Intervals Incorrect Commands Exploiting Vulnerabilities Inappropriate Parameters of Network Traffic

• 36. Sources of Information on Attacks

  Sources of Information on Attacks Log Files Intrusion Detection Technologies Approaches to Intrusion Detection

• 37. Summary

  Summary

• 38. Chapter 5: Detecting Attack Traces

  Overview

• 39. Control of File and Folder Integrity

  Control of File and Folder Integrity

• 40. Selecting Data on Important Files and Folders

  Selecting Data on Important Files and Folders

• 41. Integrity Control for Files and Folders

  Integrity Control for Files and Folders

• 42. Analysis of Log Files

  Analysis of Log Files

• 43. Network Traffic Analysis

  Network Traffic Analysis

• 44. Notification Analysis

  Notification Analysis

• 45. Analysis of Processes, Services, and Ports

  Analysis of Processes Services and Ports

• 46. Detecting Unauthorized Devices

  Detecting Unauthorized Devices Regular Revision of the Devices Controlling Modems Controlling Access to Physical Resources

• 47. Analysis of External Sources of Information and System Behavior

  Analysis of External Sources of Information and System Behavior

• 48. Summary

  Summary

• 49. Chapter 6: Classification of Intrusion Detection Systems

  Overview

• 50. Security Assessment Systems

  Security Assessment Systems

1 2 3 4