Karen Frederick et Stephen Northcutt - .

Intrusion Signatures and Analysis (Broché)

Karen Frederick, Stephen Northcutt, Mark Cooper, Matt Fearnow

New Riders
Paru le : 30/10/2001

Note moyenne : | Donnez votre avis !

Security analysts are often responsible for the livelihood of a business. We all know that information is power. If you find yourself at a loss in determining... > Lire la suite

48,60 €

Neuf - Expédié sous 2 à 4 semaines

ou

Livré chez vous
entre le 11 octobre et le 25 octobre

Security analysts are often responsible for the livelihood of a business. We all know that information is power. If you find yourself at a loss in determining what is happening to your network or if you often find yourself chasing false positives, help is here. Finally, a reference that moves beyond the theories of intrusion detection on to a full analysis of an attack, along with traces to determine what happened and how. Intrusion Signatures and Analysis provides a 10-step walkthrough for every trace covered, which teaches you an intrusion analysis methodology. There is no other book on the market so focused on teaching pragmatic log analysis. You cannot do intrusion analysis effectively without this book!

Sommaire

Résumé
Sommaire
Vous aimerez aussi
Fiche technique
Auteurs
Avis clients

- Reading log files
- Introduction to the practicals
- The most critical Internet security threats
- Non-malicious traffic
- Perimeter logs
- Reactions and responses
- Network mapping
- Scans that probe systems for information
- Denial of service; resource starvation
- Denial of service; bandwidth consumption
- Trojans
- Exploits
- Buffer overflows with content
- Fragmentation
- False positives
- Out-of-spec packets

Fiche technique

Résumé
Sommaire
Vous aimerez aussi
Fiche technique
Auteurs
Avis clients

Date de parution : 30/10/2001
Editeur : New Riders
ISBN : 0-7357-1063-5
EAN : 9780735710634
Présentation : Broché
Nb. de pages : 408 pages
Poids : 0.71 Kg
Dimensions : 17,9 cm × 22,8 cm × 2,4 cm

À propos des auteurs

Résumé
Sommaire
Vous aimerez aussi
Fiche technique
Auteurs
Avis clients

Stephen Northcutt was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defenses Shadow Intrusion Detection Team for two years. Most recently, he was the Chief for Information Warfare at the Ballistic Missile Defense Organization and now serves as the Director for GIAC Training and Certification for the SANS institute. Mark Cooper graduated from UMIST in 1991 with a Bachelor of Science degree and a Master of engineering degree in microelectronic systems engineering. He spent many years as a Software Engineer and UNIX Systems administrator, and is now a SANS GIAC Certified Intrusion Analyst. Matt Feurnow was the first to establish categories for the traces from completed GCIA practicals. He was formerly a network / security administrator for Pearson Education, currently works as an incident handler for SANS GIAC, and is a GIAC Certified Intrusion Analyst. Karen Frederick is a senior security engineer for Network Flight Recorder. She is currently completing her master's degree thesis in intrusion detection from the University of Idaho's Engineering Outreach program. Karen holds several certifications, including MCSE+I, Check Point Certified Security Administrator, and GIAC Certified Intrusion Analyst.