2020ok  Directory of FREE Online Books and FREE eBooks

Free eBooks > Computers & Internet > Web Development > Security & Encryption > Encryption > Intrusion Detection And Prevention

Intrusion Detection And Prevention

by Carl Endorf, Gene Schultz, and Jim Mellander


Download Book

If you are the author or the publisher, and would like to link to your site here, please contact us.



About Book

Book Description
Authors Carl Endorf, Eugene Schultz, and Jim Mellander deliver the hands-on implementation techniques that IT professionals need. Learn to implement the top intrusion detection products into real-world networked environments and covers the most popular intrusion detection tools including Internet Security Systems' Black ICE & RealSecure, Cisco Systems' Secure IDS, Computer Associates’ eTrust, Entercept, and the open source Snort tool.

Book Info
Text shows step-by-step how to mount a comprehensive defense against hackers, perform real-time security monitoring, and implement a proactive incident response plan. Covers many examples of IDS software, including TCPDump, RealSecure, Cisco Secure IDS, Network Flight Recorder, and Snort 2.0. Softcover.

From the Back Cover
Implement enterprise-wide security solutions based on detailed traffic and attack analysis

In today’s converged networking environment, cyber crime is on the rise and getting more sophisticated every day. Malicious hackers lurk in dark corners, scanning for vulnerable systems and launching debilitating attacks. Intrusion Detection & Prevention shows you, step-by-step, how to mount a comprehensive defense, perform real-time security monitoring, and implement a proactive incident response plan. Major examples of IDS software are covered, including TCPDump, RealSecure, Cisco Secure IDS, Network Flight Recorder, and Snort 2.0. You’ll learn how to properly place and configure network sensors, analyze packets and TCP streams, correlate data, and counter attempted break-ins. Plus, you’ll get vital coverage of legal standards, business guidelines, and the future of intrusion prevention.

Inside, learn to:
  • Identify and eliminate abnormal network traffic patterns and application-level abuses
  • Capture, store, and analyze network transactions with TCPDump
  • Deploy sensors, agents, and manager components in single-tiered, multi-tiered, and peer-to-peer architectures
  • Grab, filter, decode, and process data packets and TCP streams
  • Manage RealSecure Network Sensors, alerts, encryption keys, and reports
  • Implement ISS’s new central management system, SiteProtector 2.0
  • Administer Cisco Secure IDS, Cisco Threat Response, and the Cisco Security Agent
  • Distribute CSIDS 4200 Series Sensors and Catalyst 6000 IDS modules
  • Use Snort 2.0 rules, outputs, and plug-ins to detect unauthorized activity
  • Monitor transactions with the Snort 2.0 Protocol Flow Analyzer
  • Perform packet inspection and protocol anomaly detection with Network Flight Recorder
  • Assess threat levels using data correlation, fusion, and vulnerability scanning
ABOUT THE AUTHORS: Carl F. Endorf, CISSP, CISM, SSCP, CCNA, ITIL, CIWA, GSEC, IAM, is a technical security analyst working in the financial and insurance industries. Eugene Schultz, Ph.D., CISSP, CISM, is a Principal Engineer with Lawrence Berkeley National Laboratory and the Editor-in-Chief of Computers and Security Jim Mellander, a Principal Engineer with Lawrence Berkeley National Laboratory, developed the Kazaa Obliterator software, which prevents unauthorized peer-to-peer use. He teaches courses on intrusion detection and incident response.

About the Author
Carl Endorf,(Normal, IL) MS, CISSP, SSCP, MCSE, CCNA, ITIL, CIWA, GSEC, IAM is a technical security analyst for one of the largest Insurance and banking companies in the U.S. He has practical experience in intrusion attack detection, as an incident manager, forensics, corporate investigations and Internet security. Carl has written two certification study guides and has written many articles for Information Security Bulletin. Eugene Schultz, Ph.D., CISSP (Livermore, CA) is a Principal Engineer with Lawrence Berkeley National Laboratory and also teaches computer science courses at the University of California at Berkeley. He is the author/co-author of multiple security titles for New Riders and O’Reilly. Gene is the Editor-in-Chief of Computers and Security, and was the Editor-in-Chief of Information Security Bulletin from 2000 through 2001. Jim Mellander (El Sobrante, CA) Is the developer of innovative peer-to-peer control software called Kazaa Obliterator, which prevents unauthorized peer-to-peer use at LBNL. He also taught classes at community colleges, user groups and conferences on the topics of Intrusion Detection/Incident Response, UNIX vulnerabilities, Linux firewalls, and TCP/UDP basics for Network Security, and is a SANS Instructor who teaches a course on UPDATE

Comments

SEND A COMMENT

PLEASE READ: All comments must be approved before appearing in the thread; time and space constraints prevent all comments from appearing. We will only approve comments that are directly related to the article, use appropriate language and are not attacking the comments of others.

Message (please, no HTML tags. Web addresses will be hyperlinked):

Related Free eBooks

Related Tags

DIGG This story   Save To Google   Save To Windows Live   Save To Del.icio.us   diigo it   Save To blinklist
Save To Furl   Save To Yahoo! My Web 2.0   Save To Blogmarks   Save To Shadows   Save To stumbleupon   Save To Reddit