Network Security Monitoring and Behavior Analysis

In this example, the intruder gains access to username/password information and sensitive routing protocol data using an Ethernet packet decoder such as EtherPeek. The data packets being sent are captured by the laptop running EtherPeek; the program decodes the hex data into human-readable form. After obtaining access to information, the intruder can use this information to gain access to a machine and then possibly copy-restricted, private infor- mation and programs. The intruder may also subsequently have the capability to tamper with an asset; that is, the intruder may modify records on a server or change the content of the routing information....