The practice of network security monitoring : understanding incident detection and response / Richard Bejtlich.
By: Bejtlich, Richard
.
Material type: 
BookPublisher: San Francisco : No Starch Press, 2013Description: xxx, 341 pages : illustrations ; 24 cm.Content type: text Media type: unmediated Carrier type: volumeISBN: 9781593275099 (pbk); 1593275099.Subject(s): Computer networks -- Security measures | Electronic countermeasuresDDC classification: 004.6 | Item type | Current library | Call number | Copy number | Status | Date due | Barcode | Item holds |
|---|---|---|---|---|---|---|---|
| General Lending | MTU Bishopstown Library Lending | 004.6 (Browse shelf(Opens below)) | 1 | Checked out | 24/04/2024 | 00170261 |
Enhanced descriptions from Syndetics:
Network security is not simply about building impenetrable walls determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. You'll learn how to: Determine where to deploy NSM platforms, and size them for the monitored networks Deploy stand-alone or distributed NSM installations Use command line and graphical packet analysis tools, and NSM consoles Interpret network evidence from server-side and client-side intrusions Integrate threat intelligence into NSM software to identify sophisticated adversaries There s no foolproof way to keep attackers out of your network. But when they get in, you ll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be.
Includes index.
Part I: Getting Started -- Network Security Monitoring Rationale -- Collecting Network Traffic: Access, Storage and Management -- Part II. Security Onion Deployment -- Stand-alone NSM Deployment and Installation -- Distributed Deployment -- SO Platform Housekeeping -- Part III: Tools -- Command Line Packet Analysis Tools -- Graphical Packet Analysis Tools -- NSM Consoles -- Part IV:. NSM in Action -- NSM Operations -- Server-side Compromise -- Client-side Compromise -- Extending SO -- Proxies and Checksums -- Conclusion.
Table of contents provided by Syndetics
- Dedication
- Foreword
- Preface
- Getting Started
- Chapter 1 Network Security Monitoring Rationale
- Chapter 2 Collecting Network Traffic: Access, Storage, and ManagementSecurity Onion Deployment
- Chapter 3 Stand-alone NSM Deployment and Installation
- Chapter 4 Distributed Deployment
- Chapter 5 SO Platform HousekeepingTools
- Chapter 6 Command Line Packet Analysis Tools
- Chapter 7 Graphical Packet Analysis Tools
- Chapter 8 NSM ConsolesNSM in Action
- Chapter 9 NSM Operations
- Chapter 10 Server-side Compromise
- Chapter 11 Client-side Compromise
- Chapter 12 Extending SO
- Chapter 13 Proxies and Checksums
- Conclusion
- SO Scripts and Configuration
- ColophonUpdates