- Shopping Bag ( 0 items )
From Barnes & NobleThe Barnes & Noble Review
We admired the first edition of Network Intrusion Detection for its extraordinary insight into the realities of network intrusions and countermeasures. Author Stephen Northcutt knows this stuff: He was Chief of Information Warfare for the U.S. Ballistic Missile Defense Organization. Well, the ink barely dried on that book before new attacks and new tools arrived -- and hot on their heels, a new edition that's even better than the original.
Joined by co-author Judy Novak, Northcutt has updated nearly everything, adding extensive new coverage. For example, there's updated coverage of denial of service attacks (including "elegant" one-packet kills that take advantage of flaws in the IP stack's capability to deal with illegal conditions). There's a full chapter on attacks utilizing remote procedure calls, which (together with DNS), now account for the majority of compromised UNIX systems.
You'll find a full chapter dissecting one of Kevin Mitnick's legendary attacks (which may be old, but still illustrates crucial issues in intrusion detection). To complement it, there's a new chapter chronicling the fascinating hunt for the Timex intruder, tracked as far as London and Zagreb, Croatia (so far, that is). You'll also find a full chapter on separating real attacks from false positives and up-to-date guidance on choosing network intrusion detection tools (including a hard-eyed look at their significant limitations). If you have any interest at all in the technical aspects of computer security, you'll find this book to be utterly compelling. (Bill Camarda)
Bill Camarda is a consultant and writer with nearly 20 years' experience in helping technology companies deploy and market advanced software, computing, and networking products and services. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.