Detecting Signs of Intrusion

Abstract : This security improvement module, Detecting Signs of Intrusion, describes practices involved in preparing to detect and detecting intrusions into networked computer systems. The practices are designed to help network and system administrators prepare for and detect intrusions by looking for unexpected or suspicious behavior and then recognizing "fingerprints" of known intrusion methods.