Intrusion Signatures and Analysis

ISBN-10: 0735710635
ISBN-13: 9780735710634
Edition: 2001
List price: $39.99

Book details

List price: $39.99
Copyright year: 2001
Publisher: Pearson Education
Publication date: 1/19/2001
Binding: Paperback
Pages: 448
Size: 7.00" wide x 9.00" long x 1.25" tall
Weight: 1.496
Language: English

Intrusion Signatures and Analysis opens with an introduction to the format of some of the more common sensors and then begins a tutorial on the unique format of the signatures and analyses used in the book. After a challenging four-chapter review, the reader finds page after page of signatures, ordered by category. The content then digs right into reactions and responses, covering how what you see isn't always what is happening. The book also covers how analysts can spend time chasing after false positives. Also included is a section on how attacks have shut down the networks and web sites of Yahoo and E-bay, and what those attacks looked like. Readers will also find review questions with answers throughout the book, to be sure they comprehend the traces and material that have been covered.

Reading Log Files
  TCPdump
  Snort
  Syslog
  Commercial Intrusion Detection Systems
  Firewalls and Perimeter Defenses
  Summary

Introduction to the Practicals
  The Network or System Trace
  Analysis Example
  Correlations
  Evidence of Active Targeting
  Severity
  Defensive Recommendation
  Multiple-Choice Question
  Summary

The Most Critical Internet Security Threats (Part 1)
  BIND Weaknesses
  Vulnerable Common Gateway Interface Programs
  Remote Procedure Call Weaknesses
  Remote Data Services Hole in Microsoft Internet Information Server
  Sendmail Attacks
  Summary

The Most Critical Internet Security Threats (Part 2)
  sadmind and mountd Buffer Overflows
  Improperly Configured File Sharing
  Passwords
  IMAP and POP Server Buffer Overflows
  Default SNMP Community Strings
  Summary

Non-Malicious Traffic
  Internet Protocol
  Transmission Control Protocol
  TCP's Three-Way Handshake
  Putting It All Together
  Example of Non-Malicious Traffic
  Summary

Perimeter Logs
  Cisco Routers
  Cisco PIX Firewall
  Check Point Firewall-1
  Sidewinder Firewall
  IP chains
  Portsentry
  Summary

Reactions and Responses
  IP Spoofing Stimuli
  IP Spoofing Responses
  Third-Party Effects
  Invalid Application Data
  Intrusion Detection System Responses to Stimuli
  Summary

Network Mapping
  Scans for Services
  Telnet
  NetBIOS Wildcard Scan
  Network Map Acquisition--DNS Zone Transfer
  Stealthy Scanning Techniques
  Summary

Scans That Probe Systems for Information
  NMAP
  Netcat
  Unsolicited Port Access
  Effective Reconnaissance
  Summary

Denial of Service--Resource Starvation
  What Is a DoS Attack?
  The Traces--Good Packets Gone Bad
  Things That Just Don't Belong
  SYN Floods
  Small Footprint DoS
  Telnet DoS Attack
  Summary

Denial of Service--Bandwidth Consumption
  Amplification
  Looping Attacks
  Spoofed DNS Queries
  Strange FTP Activity
  Router Denial-of-Service Attacks
  Using SNMP for Reconnaissance
  Summary

Trojans
  Trolling for Trojans
  Still Trolling for Trojans
  Deep Throat
  Loki
  Summary

Exploits
  ICMP Redirect
  Web Server Exploit
  SGI Object Server
  SNMP
  Summary

Buffer Overflows with Content
  Fundamentals of Buffer Overflows
  Examples of Buffer Overflows
  Detecting Buffer Overflows by Protocol Signatures
  Detecting Buffer Overflows by Payload Signatures
  Script Signatures
  Abnormal Responses
  Defending Against Buffer Overflows
  Summary

Fragmentation
  Boink Fragment Attack
  Teardrop
  Teardrop 2
  evilPing
  Modified Ping of Death
  Summary

False Positives
  Traceroute
  Real Time Streaming Protocol
  FTP
  User Errors
  Legitimate Requests Using Nonstandard Ports
  Sendmail
  Summary

Out-of-Spec Packets
  Stimulus and Response Review
  SYN-FIN Traces
  Christmas Tree Scans / Demon-Router Syndrome
  Fragmentation and Out-of-Spec
  Time Fragments
  Summary

Appendix
Index
