Network Intrusion Detection

Stephen Northcutt, Judy Novak

500 pages, parution le 16/09/2002 (3^eme édition)

Ajouter à une liste

Indisponible

Résumé

As the number of corporate, government, and educational networks grows and becomes more connected, so too does the number of attacks on those networks. Stephen Northcutt -- original developer of the Shadow intrusion detection system, former head of the Department of Defense's Shadow Intrusion Detection Team, and currently the Chief Information Warfare Officer for the U.S. Ballistic Missile Defense Organization -- gives you Network Intrusion Detection: An Analyst's Handbook.

Written to be both a training aid and a technical reference for intrusion detection analysts, Northcutt's book contains unparalleled, practical experience that can't be found anywhere else. With detailed explanations and illustrative examples from his own career, Northcutt covers the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures.

Ideal for the serious security analyst, Network Intrusion Detection: An Analysts Handbook is the tool that puts you in full control of your network's security.

If you are responsible for monitoring and protecting your network against attack, use this book to:

Identify vulnerable targets on your system
Mitigate your security risks
Recognize common and unusual attack patterns
Create effective filters, honeypots, and firewalls
Know and disable your enemies
Recognize real detects versus false alarms, and know when to report them
Set up your system to avoid false detects
Evaluate ID systems and third-party tools
Learn about automated response and manualresponse in relation to real-time analysis
Propose and justify ID expenditures to management.

Written to be both a training aid and a technical reference for intrusion detection analysts, Northcutt's book contains practical experience that can't be found anywhere else. With detailed explanations and illustrative examples from his own career, Northcutt covers the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures.
Contents

1 Mitnick Attack
2 Introduction to Filters and Signatures
3 Architectural Issues
4 Interoperability and Correlation
5 Network-Based Intrusion Detection Solutions
6 Detection of Exploits
7 Denial of Service
8 Intelligence Gathering Techniques
9 Introduction to Hacking
10 Coordinated Attacks
11 Additional Tools
12 Risk Management and Intrusion Detection
13 Automated and Manual Response
14 Business Case for Intrusion Detection
15 Future Directions

L'auteur - Stephen Northcutt

Stephen Northcutt s'occupe de guerre de l'information au Ballistic Missile Défense Organisation. Il est également directeur des enseignements et certifications à l'institut SANS (SysAdmin, Audit, Network, Security), la source d'information en matière de sécurité informatique la plus réputée au monde.

L'auteur - Judy Novak

Judy Novak is a Senior Security Analyst for the Army Research Laboratory. She is one of the founding members of the three year old Computer and Security Incident Response Team which is highly regarded among the military. She has assisted in deploying intrusion detection tools and monitoring at many different military and government sites. She is an author and speaker for the SANS Institute on TCP/IP and using the Shadow intrusion detection tool for network analysis.

Caractéristiques techniques

	PAPIER
Éditeur(s)	New Riders
Auteur(s)	Stephen Northcutt, Judy Novak
Parution	16/09/2002
Édition	3^eme édition
Nb. de pages	500
Format	17,8 x 23
Couverture	Broché
Poids	790g
Intérieur	Noir et Blanc
EAN13	9780735712652