Regular marked price: $50.00
Discount Price: $31.50
Cost Savings: $18.50 (37%)
Price fluctuation possible.
How soon does it ship: Normal ship time within one day
Shipping? Absolutely FREE if you qualify for Super Saver Shipping.
Type of bind: Paperback
Dewey Decimal Number: 005.8
EAN num: 9780735712652
ISBN number: 0735712654
Label: Sams
Manufacturer: Sams
Quantity: 1
Page Count: 512
Printing Date: September 06, 2002
Publishing house: Sams
Sale Popularity Level: 373679
Studio: Sams
Editor's Notes and Comments:
Product Description:
The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.
Amazon.com Review:
Network Intrusion Detection: An Analyst's Handbook explains some of what you need to know to prevent unauthorized accesses of your networked computers and minimize the damage intruders can do. It emphasizes, though, proven techniques for recognizing attacks while they're underway. Without placing too much emphasis (or blame, for that matter) on any operating system or other software product, author Stephen Northcutt explains ways to spot suspicious behavior and deal with it, both automatically and manually.
The case studies, large and small, are the best part of this book. Northcutt opens with a technical brief on the methods used by Kevin Mitnick in his attack upon Tsutomu Shimomura's server. In documenting that famous attack, Northcutt explains SYN flooding and TCP hijacking with clarity and detail: readers get a precise picture of what Mitnick did and how Shimomura's machine reacted. A former security expert for the U.S. Department of Defense, Northcutt explains how a system administrator would detect and defeat an attack like Mitnick's. Another case study appears later in the book, this one in the form of a line-by-line analysis of a .history file that shows how a bad guy with root privileges attacked a Domain Name System (DNS) server. Reading Northcutt's analysis is like reading a play-by-play account of a football match. Network Intrusion Detection is one of the most readable technical books around. --David Wall
Topics covered: Catching intruders in the act by recognizing the characteristics of various kinds of attacks in real time, both manually and with the use of filters and other automated systems; techniques for identifying security weaknesses and minimizing false security alarms.
User popularity level:

Rated by buyers
-
This is a great book for both someone new to intrusion detection and people who already have familiarity with the field. A great, easily approachable chapter on internet basics, followed by very clear descriptions and examples. Combines specific examples with discussion of the broader context, themes, and issues around intrusion detection. And there's also a fair bit of humour and "in the trenches" feel, making the book a lot more fun to read than I thought it would be. For my purposes, I found this book the "mother lode" giving me the information and perspective I needed.
Rated by buyers
-
This book is written for professionals who are practicing intrusion detection. If you need a graduate level presentation that contains theory and references, then see Intrusion Detection (MTP) and Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response, but you will still need this book to see how intrusion detection is actually done.
Rated by buyers
-
The book's very good, it's very helpful for those who work with networks, especially in the security field. The authors are very experienced in networking.
It describes TCP/IP in detail and shows how it works and how to recognize strange network traffic by monitoring the network using tcpdump.
I recommend it for seasoned network administrators and for beginners.
Rated by buyers
-
Very nice! Wow, this book gets into detail, down to sequence number anomalies. I mean, after reading this you can read tcpdumps and just be able to see what's going on - kind of like that scene in The Matrix with being able to look at code and see the woman in red.
Well, maybe I'm going overboard a bit, but it does give you really nice detail of how the protocol works, how it can be attacked, how DNS/FTP/email/telnet etc. work and can be used maliciously - so that way you know how to pick up on attacks. Not bad at all. Combine this book with another one focusing purely on a specific IPS/IDS and maybe one more purely focusing on hacking tools, and I'd say you are well armed.
Of course I would recommend real life lab-time usage of all discussed :)
Rated by buyers
-
If you read through the reviews, you would think that there is no other better book on the exposition of IDS systems than this one. The fact is that the quality of presentation of material is very poor, and the book reads like a collection of newsgroup replies and a few cut and paste web articles. So why this discussion? It happens that Stephen Northcutt is an author and evaluator at GIAC and SANS, private organizations trying to hype up their brand name "certifications". It helps to be in the good looks of SANS when it comes to the "certification" and "advertising" arena. The bottom line: read between the lines (there is one proper review in the list before this one) and hope for a more objective approach when it comes to book reviews. Until then, if you do not trust this review, you have to risk it and buy it! Flamers, you are welcome to go ahead and get into the good books of Northcutt.