Network Intrusion Detection: An Analyst's Handbook

ISBN-10: 0735712654
ISBN-13: 9780735712652
Edition: 3rd 2003 (Revised)

Description: As the number of networks grows, there is a corresponding increase in the types and numbers of attacks to penetrate those networks. This book looks at intrusion detection, one of the hottest areas of network security.

Book details

List price: $54.99
Edition: 3rd
Copyright year: 2003
Publisher: Pearson Education
Publication date: 8/27/2002
Binding: Paperback
Pages: 512
Size: 7.00" wide x 8.75" long x 1.00" tall
Weight: 1.738
Language: English

TCP/IP
IP Concepts
The TCP/IP Internet Model
Packaging (Beyond Paper or Plastic)
Addresses
Service Ports
IP Protocols
Domain Name System
Routing: How You Get There from Here
Summary
Introduction to TCPdump and TCP
TCPdump
Introduction to TCP
TCP Gone Awry
Summary
Fragmentation
Theory of Fragmentation
Malicious Fragmentation
Summary
ICMP
ICMP Theory
Mapping Techniques
Normal ICMP Activity
Malicious ICMP Activity
To Block or Not to Block
Summary
Stimulus and Response
The Expected
Protocol Benders
Abnormal Stimuli
Summary
DNS
Back to Basics: DNS Theory
Using DNS for Reconnaissance
Tainting DNS Responses
Summary
Traffic Analysis
Packet Dissection Using TCPdump
Why Learn to Do Packet Dissection?
Sidestep DNS Queries
Introduction to Packet Dissection Using TCPdump
Where Does the IP Stop and the Embedded Protocol Begin?
Other Length Fields
Increasing the Snaplen
Dissecting the Whole Packet
Freeware Tools for Packet Dissection
Summary
Examining IP Header Fields
Insertion and Evasion Attacks
IP Header Fields
The More Fragments (MF) Flag
Summary
Examining Embedded Protocol Header Fields
TCP
UDP
ICMP
Summary
Real-World Analysis
You've Been Hacked!
Netbus Scan
How Slow Can You Go?
RingZero Worm
Summary
Mystery Traffic
The Event in a Nutshell
The Traffic
DDoS or Scan
Fingerprinting Participant Hosts
Summary
Filters/Rules for Network Monitoring
Writing TCPdump Filters
The Mechanics of Writing TCPdump Filters
Bit Masking
TCPdump IP Filters
TCPdump UDP Filters
TCPdump TCP Filters
Summary
Introduction to Snort and Snort Rules
An Overview of Running Snort
Snort Rules
Summary
Snort Rules--Part II
Format of Snort Options
Rule Options
Putting It All Together
Summary
Intrusion Infrastructure
Mitnick Attack
Exploiting TCP
Detecting the Mitnick Attack
Network-Based Intrusion-Detection Systems
Host-Based Intrusion-Detection Systems
Preventing the Mitnick Attack
Summary
Architectural Issues
Events of Interest
Limits to Observation
Low-Hanging Fruit Paradigm
Human Factors Limit Detects
Severity
Countermeasures
Calculating Severity
Sensor Placement
Outside Firewall
Push/Pull
Analyst Console
Host- or Network-Based Intrusion Detection
Summary
Organizational Issues
Organizational Security Model
Defining Risk
Risk
Defining the Threat
Risk Management Is Dollar Driven
How Risky Is a Risk?
Summary
Automated and Manual Response
Automated Response
Honeypot
Manual Response
Summary
Business Case for Intrusion Detection
Management Issues
Threats and Vulnerabilities
Tradeoffs and Recommended Solution
Repeat the Executive Summary
Summary
Future Directions
Increasing Threat
Defending Against the Threat
Defense in Depth
Emerging Techniques
Summary
Appendixes
Exploits and Scans to Apply Exploits
False Positives
IMAP Exploits
Scans to Apply Exploits
Single Exploit, Portmap
Summary
Denial of Service
Brute-Force Denial-of-Service Traces
Elegant Kills
nmap
Distributed Denial-of-Service Attacks
Summary
Detection of Intelligence Gathering
Network and Host Mapping
NetBIOS-Specific Traces
Stealth Attacks
Measuring Response Time
Worms as Information Gatherers
Summary
Index
