Network Intrusion Detection (3rd Edition)

3.72 avg rating
( 68 ratings by Goodreads )
 
9780735712652: Network Intrusion Detection (3rd Edition)

The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.

"synopsis" may belong to another edition of this title.

Review:

A collection of after-action reports on a variety of network attacks, Network Intrusion Detection enables you to learn from others' mistakes as you endeavor to protect your networks from intrusion. Authors Stephen Northcutt and Judy Novak document real attacks on systems, and highlight characteristics that you--you being a network communications analyst or security specialist--can look for on your own machines. The authors mince no words, and advise you on the detection tools to use (they like and use Snort, as well as Shadow, Tripwire, TCP Wrappers, and others) and how to use them. This second edition of the book includes less about year-2000 preparation and more about the latest in attacks, countermeasures, and the growing community of white-hat hackers who share information to keep systems safe.

In teaching their readers about the attacks that exploit a particular protocol or service, the authors typically present a TCPdump listing that shows an attack, and then comment upon it. They tell you what the attackers did, how successful they were, and how the attack might have been detected and shut down. To cite one example, there's a very detailed analysis of Kevin Mitnick's famous attack (a SYN flood, combined with TCP hijacking) on one of Tsutomu Shimomura's machines. By following the advice in this book, you'll likely do well in protecting your machines against people whom the authors call "script kiddies" --small-time hackers who follow published recipes (or run prewritten routines). Also, you'll be about as prepared as you can be against more skilled attackers who make up their attacks on their own. This is great reading for anyone who's involved in developing filters to ward off attacks or monitoring network communications for suspicious activity. It's also a valuable resource for someone who's evaluating network countermeasures in preparation for deployment. --David Wall

Topics covered: Analysis of TCP/IP traffic, with an eye toward detecting and halting malicious activity, both manually and automatically. Subjects include tools for finding weaknesses and initiating attacks, and the signatures that identify these tools. There's discussion of the vulnerabilities that exist in services, such as IMAP and Domain Name System (DNS).

From the Inside Flap:

"The 2nd Edition of Network Intrusion Detection fortifies its position as the primary manual for front-line intrusion detectors. One of this book's major achievements is that it succinctly and thoroughly addresses the training needs of personnel operating sophisticated Intrusion Detection Systems. No other published volume gives hands-on analysts the tools to separate false positives from true alerts on a daily basis.

Buy this book if your job involves intrusion detection, incident response, or computer security in general. You will walk away wiser and better prepared to face the wiles of the Internet, and your company will benefit from an improved security posture."

-Captain Richard Bejtlich, Intrusion Technician, Air Force Computer Emergency Response Team

"This is the ONLY book addressing effective network intrusion detection and response. The content comes directly from daily "front-line" experience, and the material represents the best consensus from a variety of expert practitioners. There is not a resource out there which has more relevant than this book. I am rewriting my filters today based on what I have read." -Andy Johnston, Distributed System Manager, Office of Information Technology, University of Maryland, Baltimore County

"I love the writing style. Conversational with just enough humor to keep it interesting. Points like "seasoned administrators can skip this chapter" and "this point is important to understanding the rest of the chapter" are great guides to helping the reader work their way through the material."

-Chris Brenton, Senior Research Engineer at Dartmouth's Institute for Security Technology Studies

"I was particularly impressed by the suggested presentations to managers for laying out a cost-benefit analysis of the overall benefits of purchasing a host-based intrusion detection system and appropriate training for analysts. Intrusion Detection Systems can be extremely costly and may seem like "money pits" to people who do not understand the need for monitoring networks. This book would be extremely useful for anyone wishing to approach corporate managers on both of these issues."

-John Furlong, Security Consultant

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Northcutt, Stephen
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Quantity Available: 2
Seller
Paperbackshop-US
(Wood Dale, IL, U.S.A.)
Rating
[?]

Book Description 2002. PAP. Book Condition: New. New Book. Shipped from US within 10 to 14 business days. Established seller since 2000. Bookseller Inventory # KS-9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 29.57
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds

2.

Northcutt, Stephen
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Paperback Quantity Available: 1
Seller
BargainBookStores
(Grand Rapids, MI, U.S.A.)
Rating
[?]

Book Description Paperback. Book Condition: New. Bookseller Inventory # 1465303

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 31.01
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds

3.

Northcutt, Stephen, Novak, Judy
Published by Sams Publishing (2002)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Quantity Available: 1
Seller
Nearfine Books
(Brooklyn, NY, U.S.A.)
Rating
[?]

Book Description Sams Publishing, 2002. Book Condition: new. Shiny and new! Expect delivery in 20 days. Bookseller Inventory # 9780735712652-1

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 31.99
Convert Currency

Add to Basket

Shipping: US$ 4.00
Within U.S.A.
Destination, Rates & Speeds

4.

Northcutt, Stephen
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Quantity Available: 5
Seller
Pbshop
(Wood Dale, IL, U.S.A.)
Rating
[?]

Book Description 2002. PAP. Book Condition: New. New Book.Shipped from US within 10 to 14 business days. Established seller since 2000. Bookseller Inventory # IB-9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 33.04
Convert Currency

Add to Basket

Shipping: US$ 3.99
Within U.S.A.
Destination, Rates & Speeds

5.

Northcutt, StephenNovak, Judy
Published by Prentice Hall
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Quantity Available: > 20
Seller
INDOO
(Avenel, NJ, U.S.A.)
Rating
[?]

Book Description Prentice Hall. Book Condition: New. Brand New. Bookseller Inventory # 0735712654

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 34.33
Convert Currency

Add to Basket

Shipping: US$ 3.50
Within U.S.A.
Destination, Rates & Speeds

6.

Stephen Northcutt, Judy Novak
Published by Pearson Education (US), United States (2002)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Paperback Quantity Available: 1
Seller
The Book Depository US
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2002. Paperback. Book Condition: New. 3rd Revised edition. Language: English . Brand New Book. The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country s government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters. Bookseller Inventory # AAS9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 40.44
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

7.

Stephen Northcutt, Judy Novak
Published by Pearson Education (US), United States (2002)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Paperback Quantity Available: 1
Seller
The Book Depository
(London, United Kingdom)
Rating
[?]

Book Description Pearson Education (US), United States, 2002. Paperback. Book Condition: New. 3rd Revised edition. Language: English . Brand New Book. The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country s government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters. Bookseller Inventory # AAS9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 41.57
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

8.

Stephen Northcutt/ Judy Novak
Published by Sams (2002)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Paperback Quantity Available: 1
Seller
Revaluation Books
(Exeter, United Kingdom)
Rating
[?]

Book Description Sams, 2002. Paperback. Book Condition: Brand New. 3rd sub edition. 550 pages. 8.75x7.00x1.00 inches. In Stock. Bookseller Inventory # __0735712654

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 35.70
Convert Currency

Add to Basket

Shipping: US$ 7.72
From United Kingdom to U.S.A.
Destination, Rates & Speeds

9.

Stephen Northcutt, Judy Novak
Published by Pearson Education 2002-08-27, Indianapolis, Ind. |London (2002)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New paperback Quantity Available: 1
Seller
Blackwell's
(Oxford, OX, United Kingdom)
Rating
[?]

Book Description Pearson Education 2002-08-27, Indianapolis, Ind. |London, 2002. paperback. Book Condition: New. Bookseller Inventory # 9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 42.39
Convert Currency

Add to Basket

Shipping: US$ 3.86
From United Kingdom to U.S.A.
Destination, Rates & Speeds

10.

Stephen Northcutt, Judy Novak, Judy Novak
Published by Pearson Education (US)
ISBN 10: 0735712654 ISBN 13: 9780735712652
New Paperback Quantity Available: 2
Seller
THE SAINT BOOKSTORE
(Southport, United Kingdom)
Rating
[?]

Book Description Pearson Education (US). Paperback. Book Condition: new. BRAND NEW, Network Intrusion Detection (3rd Revised edition), Stephen Northcutt, Judy Novak, Judy Novak, The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters. Bookseller Inventory # B9780735712652

More Information About This Seller | Ask Bookseller a Question

Buy New
US$ 39.73
Convert Currency

Add to Basket

Shipping: US$ 8.93
From United Kingdom to U.S.A.
Destination, Rates & Speeds

There are more copies of this book

View all search results for this book