Intrusion Signatures and Analysis
Sams Publishing (Verlag)
978-0-7357-1063-4 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
Intrusion Detection is a red-hot topic in today's technology and security field. You hear daily stories of networks compromised or rendered unusable by attack. The cyber-criminals behind this must be stopped. The majority of the security analysts working today are not properly trained to do their important work, and often have to learn on the job or on their own. This book empowers the security specialist to analyze and interpret the traces that they are seeing, find their source, and stop the intrusion. This book also contains must-have information for the experienced intrusion analyst.
Stephen Northcutt is the author of several books including: Incident Handling Step-by-Step, Intrusion Detection: Shadow Style (both by the SANS Institute) and Network Intrusion Detection: An Analyst's Handbook (New Riders) as well as a contributing editor for Securing NT Step-by-Step (The SANS Institute.) He was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defenses Shadow Intrusion Detection Team for two years. Mr. Northcutt was the Chief for Information Warfare at the Ballistic Missile Defense Organization and currently serves as the Director for GIAC Training and Certification for the SANS Institute. Mark Cooper graduated from UMIST in 1991 with a BS in Microelectronic Systems Engineering. Currently working as a security consultant, he reached his current position after spending many years as a software engineer and then as a UNIX Systems Administrator. He is now a SANS GIAC Certified Intrusion Analyst. Matt Fearnow is a Network/ Security Administrator for Macmillan USA. Before working at Macmillan, he served in the US Navy as a Sonar Technician aboard submarines. In his current duties he constantly utilizes his SANS GIAC certification and is a frequent contributor to the SANS GIAC website. Matt was the first to establish categories for the traces from completed GIAC practicals. Karen Frederick is an Infosec Engineer for Sun Tzu Security in Milwaukee, Wisconsin. She earned her bachelor's degree in computer science from the University of Wisconsin-Parkside, and she is currently completing her master's degree thesis in intrusion detection from the University of Idaho's Engineering Outreach program. Karen holds several certifications, including Microsoft Certified Systems Engineer + Internet, Check Point Certified Security Administrator and GIAC Certified Intrusion Analyst.
1. Reading Log Formats.
2. Introduction to the Practicals.
3. The Ten Most Critical Internet Security Threats, Part 1.
4. The Ten Most Critical Internet Security Threats, Part 2.
5. Reactions and Responses.
6. Perimeter Logs.
7. Non-Malicious Traffic.
8. Network Mapping.
9. Scans that Probe Systems for Information.
10. Denial Of Service (DoS)—Resource Starvation.
11. Denial Of Service (DoS)—Bandwidth Consumption.
12. Trojans.
13. Exploits.
14. Buffer Overflows with Content.
15. Fragmentation.
16. False Positives.
17. Out of Spec Packets.
| Erscheint lt. Verlag | 30.1.2001 |
|---|---|
| Verlagsort | Indianapolis |
| Sprache | englisch |
| Maße | 100 x 100 mm |
| Gewicht | 100 g |
| Themenwelt | Informatik ► Theorie / Studium ► Kryptologie |
| ISBN-10 | 0-7357-1063-5 / 0735710635 |
| ISBN-13 | 978-0-7357-1063-4 / 9780735710634 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
