
The Tao of network security monitoring : beyond intrusion detection / Richard Bejtlich ; foreword by Ron Gula.

Material type: Text
Publication details: Boston : Addison-Wesley, c2005.
Description: xxxiv, 798 pages : illustrations ; 24 cm
ISBN: 0321246772 (pbk.)
LOC classification: CIR TK 5105.59 B45 2005
Holdings
Cover image Item type Current library Home library Collection Shelving location Call number Materials specified Vol info URL Copy number Status Notes Date due Barcode Item holds Item hold queue priority Course reserves
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.1 Available R0010293
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.2 Available R0010294
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.3 Available R0010295
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.4 Available R0010296
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.5 Available R0010297
Book Cavite State University - CCAT Campus Book GCS CIR TK 5105.59 B45 2005 c.6 Available R0010298

Includes index.

Contents
Ch. 1 The security process 3
Ch. 2 What is network security monitoring? 25
Ch. 3 Deployment considerations 45
Ch. 4 The reference intrusion model 105
Ch. 5 Full content data 119
Ch. 6 Additional data analysis 173
Ch. 7 Session data 211
Ch. 8 Statistical data 247
Ch. 9 Alert data : Bro and Prelude 285
Ch. 10 Alert data : NSM using Sguil 317
Ch. 11 Best practices 347
Ch. 12 Case studies for managers 385
Ch. 13 Analyst training program 405
Ch. 14 Discovering DNS 433
Ch. 15 Harnessing the power of session data 473
Ch. 16 Packet monkey heaven 491
Ch. 17 Tools for attacking network security monitoring 521
Ch. 18 Tactics for attacking network security monitoring 583
Epilogue : the future of network security monitoring 651
App. A Protocol header reference 663
App. B Intellectual history of network security monitoring 685
App. C Protocol anomaly detection

Using real-life case studies of compromised networks, this title shows readers how to quickly develop and apply the skills necessary to detect, prevent, and respond to new and emerging threats to computer security.

Text in English.
