What is an "intrusion detection system (IDS)"?
What are hackers and crackers?
What are whitehats and blackhats?
How do intruders attack a system?
* Software bugs.
* System configuration.
* Password cracking.
* Sniffing unsecured traffic.
* Design flaws.
How do intruders get passwords?
What is a typical intrusion scenario?
What are some common "intrusion signatures"?
What are some common exploits?
* CGI scripts.
* Web server attacks.
* Web browser attacks.
* IP spoofing.
* Buffer Overflows.
* DNS attacks.
What are some common reconnaissance scans?.
* Ping sweeps.
* TCP scans.
* UDP scans.
* OS identification.
* Account scans.
What are some common DoS (Denial of Service) attacks?.
* SYN Flood.
Where can I find some Statistics on intrusions?
How are intrusions detected?
What are the main things to do to secure a Win NT/200/XP system?
How do I collect enough evidence about the hacker?
What is Snort?
What intrusion detection systems are available?
Why do I need IDS if I already have a firewall?
What are the limitations of a network based IDS?
What is a honeypot?
1. What are the advantages of a honeypot?
2. What are the disadvantages of a honeypot?
What honeypot products are available?
What are deception countermeasures?
What are the legal implications of honeypots?
Do honeypots constitute entrapment?
Am I aiding and abetting a crime?
Am liable for attacks launched from the compromised honeypot?