
Intrusion Detection and Prevention


ISBN-10: 0072229543

ISBN-13: 9780072229547

Edition: 2004

Authors: Carl Endorf, Gene Schultz, Jim Mellander

List price: $39.99

Description:

This volume covers the most popular intrusion detection tools of its time, including Internet Security Systems' BlackICE and RealSecure, Cisco Secure IDS, Entercept, Computer Associates' eTrust, NFR Security's Sentivist, and the open source tool Snort.

Book details

Copyright year: 2004
Publisher: McGraw-Hill Osborne
Publication date: 12/16/2003
Binding: Paperback
Pages: 424
Size: 7.25" wide x 8.75" long x 1.00" tall
Weight: 1.782
Language: English


Table of contents (page numbers refer to the printed book):

Foreword, p. xxv
Acknowledgments, p. xxvii
Introduction, p. xxix

Intrusion Detection: Primer
Understanding Intrusion Detection, p. 3
  Intrusion-Detection and Intrusion-Prevention Basics, p. 4
  The History of Intrusion Detection and Prevention, p. 10
  Why IDSs and IPSs Are Important, p. 12
  IDS and IPS Analysis Schemes, p. 13
  IDS/IPS Pros and Cons, p. 19
  Intrusion-Detection and Intrusion-Prevention Myths, p. 20
  Summary, p. 22
Crash Course in the Internet Protocol Suite, p. 23
  An Introduction to the Seven-Layer OSI Reference Model, p. 24
  TCP/IP vs. the OSI Reference Model, p. 27
  Internet Protocol (IP), p. 28
  Transmission Control Protocol (TCP), p. 34
  User Datagram Protocol (UDP), p. 39
  Internet Control Message Protocol (ICMP), p. 40
  Address Resolution Protocol (ARP), p. 41
  Domain Name System (DNS), p. 46
  Summary, p. 47
Unauthorized Activity I, p. 49
  General IDS Limitations, p. 50
  Network Protocol Abuses, p. 51
  Summary, p. 68
Unauthorized Activity II, p. 69
  Pros and Cons of Open Source, p. 70
  Types of Exploits, p. 71
  Commonly Exploited Programs and Protocols, p. 78
  Viruses and Worms, p. 88
  Summary, p. 91
Tcpdump, p. 93
  Tcpdump Command Line Options, p. 94
  Tcpdump Output Format, p. 97
  Tcpdump Expressions, p. 99
  Bulk Capture, p. 102
  How Many Bytes Were Transferred in That Connection?, p. 104
  Tcpdump as Intrusion Detection?, p. 105
  Tcpslice, Tcpflow, and Tcpjoin, p. 108
  Summary, p. 111

Architecture
IDS and IPS Architecture, p. 115
  Tiered Architectures, p. 116
  Sensors, p. 119
  Agents, p. 127
  Manager Component, p. 131
  Summary, p. 136
IDS and IPS Internals, p. 137
  Information Flow in IDS and IPS, p. 138
  Detection of Exploits, p. 146
  Malicious Code Detection, p. 154
  Output Routines, p. 156
  Defending IDS/IPS, p. 157
  Summary, p. 158

Implementation and Deployment
Internet Security Systems' RealSecure, p. 161
  Installation and Architecture, p. 162
  Configuring RealSecure, p. 171
  Creating and Implementing Event Filters, p. 180
  Reporting, p. 183
  Signatures, p. 186
  Upgrading, p. 189
  Summary, p. 194
Cisco Secure IDS, p. 197
  Designing Your Cisco-Based Solution, p. 199
  Summary, p. 230
Snort, p. 231
  About Snort, p. 232
  Snort Modes, p. 233
  Snort's IDS Components, p. 234
  Snort Rules, p. 236
  Snort Output, p. 239
  Special Requirements, p. 240
  More About Snort 2.0, p. 242
  Additional Tools, p. 245
  Evaluation, p. 245
  Summary, p. 247
NFR Security, p. 249
  NFR Detection Methodology, p. 250
  NFR Architecture, p. 250
  Sentivist Signatures, p. 252
  Alerts and Forensics, p. 254
  Cool Things You Can Do with N-Code, p. 257
  Central Management Server, p. 257
  Sentivist Deployment Strategy, p. 261
  NFR Reporting, p. 271
  Extending NFR, p. 271
  Summary, p. 271

Security and IDS Management
Data Correlation, p. 275
  The Basics of Data Correlation, p. 276
  Advanced Approaches to Data Correlation and Fusion, p. 281
  Understanding and Using Statistical Correlation, p. 283
  Bayesian Inference, p. 287
  Real-Time Versus After-the-Fact Correlation, p. 289
  Summary, p. 292
Incident Response, p. 293
  Response Types, p. 295
  The Incident-Response Process, p. 296
  IDS and IPS Incident-Response Phases, p. 302
  Forensics, p. 306
  Corporate Issues, p. 307
  Summary, p. 310
Policy and Procedures, p. 311
  Policies, Standards, Guidelines, Procedures, and Baselines, p. 312
  Summary, p. 317
Laws, Standards, and Organizations, p. 319
  Understanding Legal Systems, p. 320
  U.S. Computer-Related Laws, p. 321
  State Laws, p. 323
  International Cyber Security-Related Laws, p. 326
  Standards, p. 327
  Organizations, p. 330
  Legal Resources on the Web, p. 331
  Summary, p. 331
Security Business Issues, p. 333
  The Business Case for Intrusion Detection and Prevention, p. 334
  IDS Deployment Costs, p. 336
  Acquisition, p. 338
  Managing Intrusion Detection, p. 342
  Summary, p. 343
The Future of Intrusion Detection and Prevention, p. 345
  Lower Reliance on Signature-Based Intrusion Detection, p. 346
  Intrusion Prevention, p. 352
  Data and Alert Correlation, p. 355
  Source Determination, p. 356
  Integrated Forensics Capabilities, p. 357
  Use of Honeypots in Intrusion Detection and Prevention, p. 357
  Final Caveat, p. 358
  Summary, p. 359

Intrusion Detection and Prevention Systems, p. 361
Index, p. 365
Table of Contents provided by Ingram. All Rights Reserved.