Description |
xxxii, 430 pages : illustrations ; 23 cm |
Contents |
1. IP concepts -- 2. Introduction to TCPdump and Transmission Control Protocol (TCP) -- 3. Fragmentation -- 4. ICMP -- 5. Stimulus and response -- 6. DNS -- 7. Mitnick attack -- 8. Introduction to filters and signatures -- 9. Architectural issues -- 10. Interoperability and correlation -- 11. Network-based intrusion-detection solutions -- 12. Future directions -- 13. Exploits and scans to apply exploits -- 14. Denial of service -- 15. Detection of intelligence gathering -- 16. The Trouble with RPCs -- 17. Filters to detect, filters to protect -- 18. System compromise -- 19. The Hunt for Timex -- 20. Organizational issues -- 21. Automated and manual response -- 22. Business case for intrusion detection |
Summary |
"Written to be both a training aid and a technical reference for intrusion detection analysts, this book contains practical experience that can't be found anywhere else. With detailed explanations and illustrative examples from their own careers, the authors cover the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures. Ideal for the serious security analyst, this book is the tool that puts you in full control of your network's security."--BOOK JACKET |
Notes |
Previous ed.: 1999 |
|
Includes index |
Subject |
Computer networks -- Security measures.
|
Author |
Novak, Judy.
|
|
McLachlan, Donald.
|
LC no. |
00102854 |
ISBN |
0735710082 paperback |
|