Book description
The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and Snort filters.
Table of contents
- Copyright
- About the Authors
- About the Technical Reviewers
- Acknowledgments
- Tell Us What You Think
- Introduction
- I. TCP/IP
- 1. IP Concepts
- 2. Introduction to TCPdump and TCP
- 3. Fragmentation
- 4. ICMP
- 5. Stimulus and Response
- 6. DNS
- II. Traffic Analysis
- 7. Packet Dissection Using TCPdump
- 8. Examining IP Header Fields
- 9. Examining Embedded Protocol Header Fields
- 10. Real-World Analysis
- 11. Mystery Traffic
- III. Filters/Rules for Network Monitoring
- IV. Intrusion Infrastructure
- 15. Mitnick Attack
- 16. Architectural Issues
- 17. Organizational Issues
- 18. Automated and Manual Response
- 19. Business Case for Intrusion Detection
- 20. Future Directions
- V. Appendixes
- A. Exploits and Scans to Apply Exploits
- B. Denial of Service
- C. Detection of Intelligence Gathering
Product information
- Title: Network Intrusion Detection, Third Edition
- Author(s):
- Release date: August 2002
- Publisher(s): Sams
- ISBN: None