Intrusion detection systems are increasingly recognized as a key weapon in the war against computer crime. In The Practical Intrusion Detection Handbook, one of the field's leading experts shows exactly how to use them to detect, deter, and respond to security threats. This is the only intrusion detection book to present practical advice for the entire lifecycle: choosing products, planning, deployment, operations, and beyond. Full of checklists and real-world case studies, The Practical Intrusion Detection Handbook demonstrates exactly how to integrate intrusion detection into a total strategy for protecting your information and e-commerce assets. Paul E. Proctor introduces each approach to intrusion detection, including host-based, network-based, and hybrid solutions; then offers practical selection criteria; and reviews the key factors associated with successful deployment. You'll watch today's best intrusion detection systems in action, through response, surveillance, damage assessment, and data forensics. Finally, Proctor addresses the future of intrusion detection -- from standards and interoperability to law and ethics.
Rather than emphasize the characteristics of attacks on computers and networks, The Practical Intrusion Detection Handbook places its focus on the tools, resources, and policies that should be in place to help security administrators do their jobs. It deals with preventing attacks, detecting and stopping them when they occur, and assessing--after the fact--the damage they cause. Throughout, the importance of record keeping is emphasized, particularly that accurate and unmuddled log files are necessary to back up legal charges or support certain firing decisions, if necessary. The business environment beyond the security officer's cubicle is also explored, including how to justify security expenditures to organizational decision makers.
This isn't exactly an academic text, but it's a step removed from the sorts of play-by-play descriptions of attacks and defenses you'll find in Stephen Northcutt's security books--reference is made to those books, as a matter of fact. This hardback volume explains the appearance of various kinds of attacks in broad terms, and shows how intrusion detection systems (IDS) can spot and record the clues (Windows NT security log entries are often used as examples). The text is conversational and liberally studded with bulleted definitions, boxed case studies, and references to Web sites and paper documents. While a working security administrator would probably want to back this book with one of Northcutt's texts and other more detailed books, The Practical Intrusion Detection Handbook makes an excellent choice for a student of business management who wants to be more than minimally informed about the operation of corporate information systems, so as to make better decisions about those systems. --David Wall
Topics covered: Intrusion detection systems (IDS) for whole networks as well as for individual computers, with emphasis on how intrusion detection works and how to configure it for maximum effectiveness and minimum false alarms. Establishing policies and setting procedures, and ways to choose IDS products and justify their purchase to management.
From the Publisher:
So, you think your computer systems are safe? Well, maybe they are; maybe they are not. Sooner or later, however, something is going to happen. It is sort of like those California earthquakes: they eventually happen. No matter how good your computer security measures, something is likely to happen.
The last six months have seen a lot of front page news focusing on computer security failures: denial of service attacks, viruses, etc. And how many companies have been intruded, but can't make the intrusion public? How many employees do damage to systems from within the company?
My point is that computer security breaches are common. The point isn't so much what to do to prevent them--although that is, certainly, important--but what to do to detect them quickly and fix them--or fix the damage that occurs quickly.
This is what Paul Proctor's book focuses on. Paul is a pioneer of the intrusion detection field, and a foremost leader in the field. Well, don't take my word for it. After all I'm the publisher of the book. Read what Dorothy Denning said about Paul:
"Intrusion detection has gone. . .from an idea worthy of study to a key element of the national plan for cyber defense. . . . Nobody brought that about more than Paul Proctor. . . ."
Paul has developed numerous commercial technologies, has worked for the US President's National Security Telecommunications Advisory Committee and other agencies, and has been personally involved in several of the world's most significant intruder "take-downs". Sorry, but I can't tell you which ones. Paul would have to kill me.
Paul's book is designed to walk you through the issues that you need to consider and the practical steps you can take to come up with a workable and implementable plan for your company's or government agency's needs.
You will find it clearly written and clear-headed, as did the reviewers. And you will find an authorial voice that is sensible, logical, crisp and ready to teach: just like Paul. I hope you enjoy it, and that it helps you find the right solution for your situation.
Book Description Prentice Hall, 2000. Paperback. Book Condition: New. book. Bookseller Inventory # 0130259608
Book Description Prentice Hall, 2000. Paperback. Book Condition: Brand New. 1st edition. 384 pages. 9.50x7.25x1.25 inches. In Stock. Bookseller Inventory # 0130259608