当前位置: 首页 > 资源下载 > 网络通信安全 > 查看资源

资源分类
Web开发
Java
.NET
编程语言
数据库
软件工程
图形动画
系统管理
网络通信安全
计算机理论
考试认证
人文百科
文档手册
硬件技术
办公软件

The Tao of Network Security Monitoring Beyond Intrusion Detection

The Tao of Network Security Monitoring Beyond Intrusion Detection

书名:The Tao of Network Security Monitoring Beyond Intrusion Detection

上传:石头

时间:2009-12-29

文件大小:15.46 MB

资源出处:查看资源出处 >>

收藏到网摘: n/a



作者:Richard Bejtlich
出版日期:July 12, 2004
出版社:Addison Wesley
页数:832
ISBN:0-321-24677-2
文件格式:CHM


”The book you are about to read will arm you withthe knowledge you need to defend your network from attackers—both theobvious and the not so obvious….If you are new to network security,don't put this book back on the shelf! This is a great book forbeginners and I wish I had access to it many years ago. If you'velearned the basics of TCP/IP protocols and run an open source orcommercial IDS, you may be asking 'What's next?' If so, this book isfor you.”

—Ron Gula, founder and CTO, Tenable Network Security, from the Foreword

“Richard Bejtlich has a good perspective on Internetsecurity—one that is orderly and practical at the same time. He keepsreaders grounded and addresses the fundamentals in an accessible way.”

—Marcus Ranum, TruSecure

“This book is not about security or networkmonitoring: It's about both, and in reality these are two aspects ofthe same problem. You can easily find people who are security expertsor network monitors, but this book explains how to master both topics.”

—Luca Deri, ntop.org

“This book will enable security professionals of allskill sets to improve their understanding of what it takes to set up,maintain, and utilize a successful network intrusion detectionstrategy.”

Every network can be compromised. There are too manysystems, offering too many services, running too many flawedapplications. No amount of careful coding, patch management, or accesscontrol can keep out every attacker. If prevention eventually fails,how do you prepare for the intrusions that will eventually happen?

Network security monitoring (NSM) equips securitystaff to deal with the inevitable consequences of too few resources andtoo many responsibilities. NSM collects the data needed to generatebetter assessment, detection, and response processes—resulting indecreased impact from unauthorized activities.

In The Tao of Network Security Monitoring ,Richard Bejtlich explores the products, people, and processes thatimplement the NSM model. By focusing on case studies and theapplication of open source tools, he helps you gain hands-on knowledgeof how to better defend networks and how to mitigate damage fromsecurity incidents.

Inside, you will find in-depth information on the following areas.



The NSM operational framework and deployment considerations.
How to use a variety of open-source tools—includingSguil, Argus, and Ethereal—to mine network traffic for full content,session, statistical, and alert data.
Best practices for conducting emergency NSM in anincident response scenario, evaluating monitoring vendors, anddeploying an NSM architecture.
Developing and applying knowledge of weapons,tactics, telecommunications, system administration, scripting, andprogramming for NSM.
The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance.
Whether you are new to network intrusion detectionand incident response, or a computer-security veteran, this book willenable you to quickly develop and apply the skills needed to detect,prevent, and respond to new and emerging threats.
Tags:beyondDetectionINTRUSIONMonitoringTao


大家都在看什么书

  • 《THE ART OF INTRUSION》 入侵的艺术
  • 设计模式解析(第二版)
  • C#编程语言详解(PDF中文版)
  • 文都基础班长难句精讲讲义
  • asp下的水印组件aspjpeg

评论 (1) 1 All

登陆 | 还没注册?