Network Intrusion Detection

As the number of corporate, government, and educational networks grows and becomes more connected, so too does the number of attacks on those networks. Stephen Northcutt - original developer of the Shadow intrusion detection system, former head of the Department of Defense's Shadow Intrusion Detection Team, and currently the Chief Information Warfare Officer for the U.S. Ballistic Missile Defense Organization - gives you Network Intrusion Detection: An Analyst's Handbook.Written to be both a training aid and a technical reference for intrusion detection analysts, Northcutt's book contains unparalleled, practical experience that can't be found anywhere else. With detailed explanations and illustrative examples from his own career, Northcutt covers the topic completely, from detect evaluation, analysis, and situation handling, through the theories involved in understanding hackers, intelligence gathering, and coordinated attacks, to an arsenal of preventive and aggressive security measures.Ideal for the serious security analyst, Network Intrusion Detection: An Analysts Handbook is the tool that puts you in full control of your network's security.If you are responsible for monitoring and protecting your network against attack, use this book to:* Identify vulnerable targets on your system* Mitigate your security risks* Recognize common and unusual attack patterns* Create effective filters, honeypots, and firewalls* Know and disable your enemies* Recognize real detects versus false alarms, and know when to report them* Set up your system to avoid false detects* Evaluate ID systems and third-party tools* Learn about automated response and manualresponse in relation to real-time analysis* Propose and justify ID expenditures to management