Network Intrusion Detection: An Analyst's Handbook (New Riders Professional Library) - Softcover

Northcutt, Stephen

 
9780735708686: Network Intrusion Detection: An Analyst's Handbook (New Riders Professional Library)
Softcover
ISBN 10: 0735708681 ISBN 13: 9780735708686
Publisher: Sams, 1999

Synopsis

Written to be both a training aid and a technical reference for intrusion detection analysts, Northcutt's book contains unparalleled, practical experience that can't be found anywhere else. With detailed explanations and illustrative examples from his own career, Northcutt covers the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures. Ideal for the serious security analyst, Network Intrusion Detection: An Analyst's Handbook is the tool that puts you in full control of your network's security.

"synopsis" may belong to another edition of this title.

Review

Network Intrusion Detection: An Analyst's Handbook explains some of what you need to know in order to prevent unauthorised accesses of your networked computers and minimise the damage intruders can do. It emphasises, though, proven techniques of recognising attacks while they're underway. Without placing too much emphasis (or blame, for that matter) on any operating system or other software product, author Stephen Northcutt explains ways to spot suspicious behaviour and deal with it, both automatically and manually.

The case studies, large and small, are the best part of this book. Northcutt opens with a technical brief on the methods used by Kevin Mitnick in his attack upon Tsutomu Shimomura's server. In documenting that famous attack, Northcutt explains SYN flooding and TCP hijacking with clarity and detail: Readers get a precise picture of what Mitnick did, and how Shimomura's machine reacted. A former security expert for the US Department of Defense, Northcutt goes on to explain how a system administrator would go about detecting and defeating an attack like Mitnick's. Another case study appears later in the book, this one in the form of a line-by-line analysis of a history file that shows how a bad guy with root privileges attacked a Domain Name System (DNS) server. Reading Northcutt's analysis is like reading a play-by-play account of a football match. Network Intrusion Detection is one of the most readable technical books around. --David Wall, Amazon.com

Topics covered: Catching intruders in the act by recognising the characteristics of various kinds of attacks in real-time, both manually and with the use of filters and other automated systems; techniques for identifying security weaknesses and minimising false security alarms.

From the Publisher

Indispensable for the security analyst and administrator
Get answers and solutions from someone who has been in the trenches with Network Intrusion Detection: An Analyst's Handbook. Author Stephen Northcutt, original developer of the Shadow intrusion detection system and former Director of the United States Navy's Information System Security Office at the Naval Security Warfare Center, lends his expertise to intrusion detection specialists, security analysts, and consultants responsible for setting up and maintaining an effective defense against network security attacks.

"About this title" may belong to another edition of this title.

Publisher
Sams
Publication date
1999
Language
English
ISBN 10 
0735708681
ISBN 13 
9780735708686
Binding
Paperback
Edition number
1
Number of pages
304

Other Popular Editions of the Same Title

9780735712652: Network Intrusion Detection

Featured Edition

ISBN 10:  0735712654 ISBN 13:  9780735712652
Publisher: Sams Publishing, 2002
Softcover