
IDS: An IDS Analysts Handbook


Subject: IDS: An IDS Analysts Handbook
From: Andy (Taliskertechnologist.com)
Date: Fri Jan 14 2000 - 14:52:02 CST


Hi all, Happy New Year

Having just returned to Computer Security after having my brain scrambled in the basket weaving circles of the TEMPEST world, I felt the need for some serious catching up. A quick delve into Amazon produced an excellent solution:

Network Intrusion Detection, An Analyst's Guide, by Stephen Northcutt
ISBN 0-7357-0868-1 (Jul 99)

For myself, reading a computer book has always consisted of scrutinising the index for a keyword and then reading the relevant paragraph. So to actually read a book cover to cover, hardly putting it down, is quite remarkable.

An outline of the Chapter Headings:
1. Mitnick Attack.
2. Intro to Filters and Signatures.
3. Architectural Issues.
4. Interoperability and Correlation.
5. Network-Based Intrusion Detection Solutions.
6. Detection of Exploits.
7. Denial of Service.
8. Intelligence Gathering Techniques.
9. Intro to Hacking.
10. Coordinated Attacks.
11. Additional Tools.
12. Risk Management and Intrusion Detection.
13. Automated and Manual Response.
14. Business Case for Intrusion Detection.

Seriously though, the book is very well written, covering a variety of topics, certainly satisfying my need for a refresher. I especially enjoyed the Mitnick coverage and the review of the current (early 99) IDS tools.

Can anyone recommend any other Intrusion Detection Books that won't cure my insomnia? Be warned though, any good recommendations may result in hate mail from my wife :o)

Take Care

Andy



This archive was generated by hypermail 2b27 : Sat Jan 15 2000 - 03:24:46 CST