INTRUSION DETECTION & PREVENTION - Softcover

Endorf, Carl; Schultz, Gene; Mellander, Jim

4.09

11 ratings by Goodreads

9780072229547: INTRUSION DETECTION & PREVENTION

Softcover

ISBN 10: 0072229543 ISBN 13: 9780072229547

Publisher: McGraw-Hill Education, 2003

View all copies of this ISBN edition:

Authors Carl Endorf, Eugene Schultz, and Jim Mellander deliver the hands-on implementation techniques that IT professionals need. Learn to implement the top intrusion detection products into real-world networked environments and covers the most popular intrusion detection tools including Internet Security Systems' Black ICE & RealSecure, Cisco Systems' Secure IDS, Computer Associates’ eTrust, Entercept, and the open source Snort tool.

"synopsis" may belong to another edition of this title.

From the Back Cover:

Implement enterprise-wide security solutions based on detailed traffic and attack analysis

In today's converged networking environment, cyber crime is on the rise and getting more sophisticated every day. Malicious hackers lurk in dark corners, scanning for vulnerable systems and launching debilitating attacks. Intrusion Detection & Prevention shows you, step-by-step, how to mount a comprehensive defense, perform real-time security monitoring, and implement a proactive incident response plan. Major examples of IDS software are covered, including TCPDump, RealSecure, Cisco Secure IDS, Network Flight Recorder, and Snort 2.0. You'll learn how to properly place and configure network sensors, analyze packets and TCP streams, correlate data, and counter attempted break-ins. Plus, you'll get vital coverage of legal standards, business guidelines, and the future of intrusion prevention.
Inside, learn to:

-Identify and eliminate abnormal network traffic patterns and application-level abuses
-Capture, store, and analyze network transactions with TCPDump
-Deploy sensors, agents, and manager components in single-tiered, multi-tiered, and peer-to-peer architectures
-Grab, filter, decode, and process data packets and TCP streams
-Manage RealSecure Network Sensors, alerts, encryption keys, and reports
-Implement ISS's new central management system, SiteProtector 2.0
-Administer Cisco Secure IDS, Cisco Threat Response, and the Cisco Security Agent
-Distribute CSIDS 4200 Series Sensors and Catalyst 6000 IDS modules
-Use Snort 2.0 rules, outputs, and plug-ins to detect unauthorized activity
-Monitor transactions with the Snort 2.0 Protocol Flow Analyzer
-Perform packet inspection and protocol anomaly detection with Network Flight Recorder
-Assess threat levels using data correlation, fusion, and vulnerability scanning

ABOUT THE AUTHORS: Carl F. Endorf, CISSP, CISM, SSCP, CCNA, ITIL, CIWA, GSEC, IAM, is a technical security analyst working in the financial and insurance industries. Eugene Schultz, Ph.D., CISSP, CISM, is a Principal Engineer with Lawrence Berkeley National Laboratory and the Editor-in-Chief of Computers and Security
Jim Mellander, a Principal Engineer with Lawrence Berkeley National Laboratory, developed the Kazaa Obliterator software, which prevents unauthorized peer-to-peer use. He teaches courses on intrusion detection and incident response.

About the Author:

McGraw-Hill authors represent the leading experts in their fields and are dedicated to improving the lives, careers, and interests of readers worldwide

"About this title" may belong to another edition of this title.