Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed)
| | ||
| | ||
| | ||
Overview
Intrusion detection and prevention technologies can be broken into several categories. In this chapter we discuss the following two types of intrusion detection and prevention technologies:
-
Network-Based Intrusion Detection An overview of the fundamental types of network-based intrusion detection technologies. Also discussed is the potential for insertion and evasion attacks.
-
Host-Based Intrusion Detection An overview of the mechanisms by which host-based intrusion detection systems function.
While firewalls were continuing to evolve and excel at protecting the perimeter at the network and transport layer, a parallel security industry effort was occurring in order to identify and alarm on the attacks being launched. An entirely new industry was born out of identifying network attacks. New security devices, intrusion detection systems, accomplished this by monitoring a network segment and searching for known (or previously unknown) signs of attack. Today, while the value of accomplishing this in a passive fashion has largely been rejected, the fundamental technology lives on in the form of devices with the ability to actively protect networks from such attacks.
| | ||
| | ||
| | ||