Intrusion Signatures And Analysis

Karen Frederick, Stephen Northcutt, Mark Cooper, Matt Fearnow

38,99 €
Currently unavailable

Summary

Security analysts are often responsible for the livelihood of a business. We all know that information is power. If you find yourself at a loss in determining what is happening to your network or if you often find yourself chasing false positives, help is here. Finally, a reference that moves beyond the theories of intrusion detection on to a full analysis of an attack, along with traces to determine what happened and how. Intrusion Signatures and Analysis provides a 10-step walkthrough for every trace covered, which teaches you an intrusion analysis methodology. There is no other book on the market so focused on teaching pragmatic log analysis. You cannot do intrusion analysis effectively without this book!

Table of contents

    • Reading log files
    • Introduction to the practicals
    • The most critical Internet security threats
    • Non-malicious traffic
    • Perimeter logs
    • Reactions and responses
    • Network mapping
    • Scans that probe systems for information
    • Denial of service; resource starvation
    • Denial of service; bandwidth consumption
    • Trojans
    • Exploits
    • Buffer overflows with content
    • Fragmentation
    • False positives
    • Out-of-spec packets

Product details

  • Publication date
    30/10/2001
  • Publisher
  • ISBN
    0-7357-1063-5
  • EAN
    9780735710634
  • Format
    Paperback
  • Number of pages
    408 pages
  • Weight
    0.71 Kg
  • Dimensions
    17,9 cm × 22,8 cm × 2,4 cm

About the authors

Stephen Northcutt was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defense's Shadow Intrusion Detection Team for two years. Most recently, he was the Chief for Information Warfare at the Ballistic Missile Defense Organization and now serves as the Director for GIAC Training and Certification for the SANS Institute.

Mark Cooper graduated from UMIST in 1991 with a Bachelor of Science degree and a Master of Engineering degree in microelectronic systems engineering. He spent many years as a software engineer and UNIX systems administrator, and is now a SANS GIAC Certified Intrusion Analyst.

Matt Fearnow was the first to establish categories for the traces from completed GCIA practicals. He was formerly a network/security administrator for Pearson Education, currently works as an incident handler for SANS GIAC, and is a GIAC Certified Intrusion Analyst.

Karen Frederick is a senior security engineer for Network Flight Recorder. She is currently completing her master's degree thesis in intrusion detection from the University of Idaho's Engineering Outreach program. Karen holds several certifications, including MCSE+I, Check Point Certified Security Administrator, and GIAC Certified Intrusion Analyst.
