Intrusion Signatures and Analysis
     

by Matt Fearnow
 

ISBN-10: 0735710635

ISBN-13: 9780735710634

Pub. Date: 01/19/2001

Publisher: Sams

Overview

Intrusion Signatures and Analysis opens with an introduction to the format of some of the more common sensors and then begins a tutorial on the unique format of the signatures and analyses used in the book. After a challenging four-chapter review, the reader finds page after page of signatures, ordered by category. Then the content digs right into reactions and responses, covering how sometimes what you see isn't always what is happening. The book also covers how analysts can spend time chasing after false positives. Also included is a section on how attacks have shut down the networks and web sites of Yahoo and eBay, and what those attacks looked like. Readers will also find review questions with answers throughout the book, to be sure they comprehend the traces and material that have been covered.

Product Details

ISBN-13: 9780735710634

Publisher: Sams

Publication date: 01/19/2001

Series: Landmark Series

Pages: 448

Product dimensions: 7.00(w) x 8.90(h) x 1.00(d)

Table of Contents

1. Reading Log Formats.

2. Introduction to the Practicals.

3. The Ten Most Critical Internet Security Threats, Part 1.

4. The Ten Most Critical Internet Security Threats, Part 2.

5. Reactions and Responses.

6. Perimeter Logs.

7. Non-Malicious Traffic.

8. Network Mapping.

9. Scans that Probe Systems for Information.

10. Denial Of Service (DoS)—Resource Starvation.

11. Denial Of Service (DoS)—Bandwidth Consumption.

12. Trojans.

13. Exploits.

14. Buffer Overflows with Content.

15. Fragmentation.

16. False Positives.

17. Out of Spec Packets.

Customer Reviews

Intrusion Signatures and Analysis 5 out of 5 based on 0 ratings. 1 reviews.
Guest More than 1 year ago
The real-world signatures in this book, along with the analysis, make this a wonderful reference book. There is, of course, no substitute for experience. However, this book provides an excellent baseline of experience for any Intrusion Analyst! From that baseline one should be able to better analyze future attacks; there is, after all, only so much an attacker can do. This book was made possible by contributors to GIAC (Global Incident Analysis Center); professionals out 'in the trenches' dealing with attacks of all shapes and sizes on a daily basis. These traces were not generated in a lab; they're the same traces you will see on your network if you're looking for them. I've already used this book as a reference guide and it sits on my shelf next to 'TCP/IP Illustrated V1' by Dr. Richard Stevens and 'Intrusion Detection: An Analyst's Handbook V2' by Stephen Northcutt and Judy Novak; I use all on a regular basis. Whether you are just starting out in the IDS realm or whether you're an established Analyst sitting on an enterprise of sensors, this book is for you.

-- Brent Deterding, Enterprise Manager of Network Security, Solutia Inc.