Browse archive

Latest news

Experts highlight top data breach vulnerabilities

Review: Logging and Log Management

Commission wants to minimize U.S. IP theft economic impact

NYPD detective accused of hiring email hackers

Why BYOx is the next big concern of CISOs

Free tool repairs critical Windows configuration vulnerabilities

Guantanamo cuts off Wi-Fi access due to OpGTMO

IT pros focus on cloud security, not hype

Blue Coat to acquire Solera Networks

APT1 is back, attacks many of the initial U.S. corporate targets

Aurora attackers were looking for Google's surveillance database

U.S. DOJ accuses journalist of espionage

Find TrueCrypt and BitLocker encrypted containers and images

The CSO perspective on healthcare security and compliance

Hacking charge stations for electric cars

Interview with Earl Carter, Member of Cisco's Security Technologies Assessment Team (STAT)

by Mirko Zorz - Monday, 7 April 2003.

If you are just learning about intrusion detection, I would recommend that you learn about the various security threats and common attacks that you will have to defend your network against. Next, I would recommend that you learn everything that you can about your network (topology, protocol used, functionality supported, etc.) so that you can determine the potential areas that an attacker can attack your network. Finally, you then need to determine a way that you can watch your network for the attacks in the areas that you feel are the most vulnerable. This is probably most easily accomplished by deploying some type of IDS.

What are your future plans? Any exciting new projects?

Currently I am working on a revision to the current IDS book to incorporate the new functionality that has been incorporated into Cisco IDS since the last IDS book was published. This new book (ISBN - 1587051443) should be available early in 2004.