AnyBook4Less.com	Find the Best Price on the Web Order from a Major Online Bookstore
Home  |  Store List  |  FAQ  |  Contact Us  |
Ultimate Book Price Comparison Engine Save Your Time And Money Keyword AuthorISBN

Title: Intrusion Signatures and Analysis by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick ISBN: 0-7357-1063-5 Publisher: Que Pub. Date: 29 January, 2001 Format: Paperback Volumes: 1 List Price(USD): $39.99

Your Country USA Canada United Kingdom Australia Austria Belgium France Germany Italy Netherlands Switzerland Currency AutoUSD CAD GBP EUR AUD CHF Delivery Only cheapest delivery All delivery options Include Used Books Are you a club member of: Barnes and Noble Books A Million Chapters.Indigo.ca

Average Customer Rating: 4.25 (8 reviews)

Rating: 5
Summary: When a good book is worth a thousand experiences!
Comment: This is the best book about Intrusion Signatures published yet.
I teach computer security at a local university, and with the only help of this book, I could take care of all the practical aspects of my last course. If you have already a good background on this field, and read and understand thoroughly the book, then you can afford any related security certification test.
Chapters 3 through 17, present several well documented cases, which, in turn, are discussed following the same standard:
- Presentation
- Source of Trace
- Detect Generated by
- Probability the Source Address Was spoofed
- Attack Description
- Attack Mechanism
- Correlations
- Evidence of Active Targeting
- Severity
- Defense Recommendations
- Questions

Chapter 1 introduces the reader to Analysis of Logs (including Snort, Tcpdump, and Syslog), IDS, and Firewalls. Even being a quick review, it is quite useful, though.
Chapter 2 explains the way the cases are studied.

The covered vulnerabilities and attacks include:
- Internet Security Threats
- Routers and Firewalls Attacks
- IP Spoofing
- Networks Mapping and Scanning
- Denial of Service
- Trojans
- Assorted Exploits
- Buffer Overflows
- IP Fragmentation
- False Positives
- Crafted Packets

At the bottom line, this is one of the 5 best computer security books I ever read. Even for non experts, the book can be a valuable tool to improve the understanding on this field.
Try it.

Rating: 5
Summary: A Great Title For Security Geeks to Learn Packet Forensics
Comment: I read this book out of general interest and a need to dig deeper into the technical aspects of security, and intrusion detection in particular. For that, this title is perfect!

It's great to learn intrusion detection, packet analysis, forensics, attack methodologies, attack recognition, and similar topics. And oh, by the way, if you have any interest at all in certification, Intrusion Signatures and Analysis is the study guide for one of the hottest new certs there is: SANS GIAC Intrusion Detection In Depth.

Rating: 5
Summary: Includes review questions with throughout the book
Comment: A must-have for the serious network security professional, Intrusion Signatures And Analysis opens with an introduction into the format of some of the more common sensors and then begins a tutorial into the unique format of the signatures and analyses used in the book. Readers will find page after page of signatures, in order by categories as well as a case study section on how attacks have shut down the networks and web sites of Yahoo, and E-bay and what those attacks looked like. As an added feature, the collaborative authors Stephen Northcutt; Mark Cooper; Matt Fearnow; and Karen Frederick included review questions with throughout the book to help readers be sure they comprehend the traces and material that has been covered. Intrusion Signatures And Analysis is a recommended resource for the SANS Institute GIAC certification program. 448 pp.

Similar Books:

	Title: Network Intrusion Detection (3rd Edition) by Stephen Northcutt, Judy Novak ISBN: 0735712654 Publisher: Que Pub. Date: 27 August, 2002 List Price(USD): $45.00
	Title: Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey ISBN: 0735712328 Publisher: Que Pub. Date: 28 June, 2002 List Price(USD): $49.99
	Title: Snort 2.0 Intrusion Detection by Brian Caswell, Jay Beale, James C. Foster, Jeremy Faircloth ISBN: 1931836744 Publisher: Syngress Pub. Date: February, 2003 List Price(USD): $49.95
	Title: Intrusion Detection by Rebecca Gurley Bace ISBN: 1578701856 Publisher: Que Pub. Date: 21 December, 1999 List Price(USD): $50.00
	Title: Honeypots: Tracking Hackers by Lance Spitzner ISBN: 0321108957 Publisher: Addison-Wesley Pub Co Pub. Date: 10 September, 2002 List Price(USD): $44.99