Title:
 The Tao of network security monitoring : beyond intrusion detection
Author:
 Bejtlich, Richard.
ISBN:
 9780321246776
Personal Author:
 
Publication Information:
 Boston : Addison-Wesley, ©2005.
Physical Description:
 xxxiv, 798 pages : illustrations ; 24 cm
General Note:
 Includes index.
Contents:
 The security process -- What is network security monitoring? -- Deployment considerations -- The reference intrusion model -- Full content data -- Additional data analysis -- Session data -- Statistical data -- Alert data : Bro and Prelude -- Alert data : NSM using Sguil -- Best practices -- Case studies for managers -- Analyst training program -- Discovering DNS -- Harnessing the power of session data -- Packet monkey heaven -- Tools for attacking network security monitoring -- Tactics for attacking network security monitoring.
Electronic Access:
 Safari Books Online http://proquest.safaribooksonline.com/0321246772
 Table of contents http://catdir.loc.gov/catdir/toc/ecip0416/2004007857.html
