The Practical Intrusion Detection Handbook - Softcover

Rather than emphasise the characteristics of attacks on computers and networks, The Practical Intrusion Detection Handbook places its focus on the tools, resources, and policies that should be in place to help security administrators do their jobs. It deals with preventing attacks, detecting and stopping them when they occur, and assessing--after the fact--the damage they cause. Throughout, the importance of recordkeeping is emphasised, particularly that accurate and unmuddled log files are necessary to back up legal charges or support certain firing decisions, if necessary. The business environment beyond the security officer's cubicle is also explored, including how to justify security expenditures to organisational decision-makers.

This isn't exactly an academic text, but it's a step removed from the sorts of play-by-play descriptions of attacks and defenses you'll find in Stephen Northcutt's security books--reference is made to those books, as a matter of fact. This hardback volume explains the appearance of various kinds of attacks in broad terms, and shows how intrusion detection systems (IDS) can spot and record the clues (Windows NT security log entries are often used as examples). The text is conversational and liberally studded with bulleted definitions, boxed case studies, and references to Web sites and paper documents. While a working security administrator would probably want to back this book with one of both of Northcutt's texts and other more detailed books, The Practical Intrusion Detection Handbook makes an excellent choice for a student of business management who wants to be more than minimally informed about the operation of corporate information systems, so as to make better decisions about those systems. --David Wall

The definitive guide to understanding, selecting, and deploying intrusion detection in the enterprise!

• Product selection, planning, and operations
• Filled with real-life cases and stories of intrusion detection systems in action
• Covers host-based and network-based intrusion detection

Foreword by Dorothy Denning, author of Cryptography and Data Security and Information Warfare and Security

Technical Edit by Ira Winkler, author of Corporate Espionage

In The Practical Intrusion Detection Handbook, one of the field's leading experts shows exactly how to detect, deter, and respond to security threats using intrusion detection systems. Using real-world case studies and practical checklists, Paul E. Proctor shows what intrusion detection software can achieve, and how to integrate it into a comprehensive strategy for protecting information and e-commerce assets. No other guide to intrusion detection offers all this:

• Practical coverage of host-based, network-based, and hybrid solutions
• Detailed selection criteria and sample RFPs
• Key factors associated with successful deployment
• Intrusion detection in action: response, surveillance, damage assessment, data forensics, and beyond
• Six myths of intrusion detection ― and the realities

Whether you're a senior IT decision-maker, system administrator, or infosecurity specialist, intrusion detection is a key weapon in your security arsenal. Now, there's a start-to-finish guide to making the most of it: The Practical Intrusion Detection Handbook by Paul E. Proctor.

"Intrusion detection has gone from a theoretical concept to a practical solution, from a research dream to a major product area, from an idea worthy of study to a key element of the national plan for cyber defense. . . Nobody brought that about more than Paul Proctor. . . Paul brings his considerable knowledge and experience with commercial intrusion detection products to this first-of-a-kind book."
―From the Foreword by Dorothy Denning