The practice of network security monitoring : understanding incident detection and response / by Richard Bejtlich.

Format:

Book

Author/Creator:

Bejtlich, Richard.

Language:

English

Subjects (All):

Computer networks--Security measures.

Computer networks.

Electronic countermeasures.

Physical Description:

1 online resource (380 p.)

Edition:

1st edition

Place of Publication:

San Francisco : No Starch Press, 2013.

Language Note:

English

System Details:

text file

Summary:

Network security is not simply about building impenetrable walls - determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks - no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an

Contents:

Foreword / by Todd Heberlein

Preface

Part I. Getting Started

The Rationale

Collecting Traffic

Part II. Security Onion Deployment

Standalone Deployment

Distributed Deployment

Housekeeping

Part III. Tools

Command Line Packet Analysis Tools

Graphical Packet Analysis Tools

Consoles

Part III. NSM in Action

Collection, Analysis, Escalation, and Resolution

Server-Side Compromise

Client-Side Compromise

Extending SO

Proxies and Checksums

Conclusion

Appendix A: Security Onion Scripts and Configuration / by Doug Burks.

Notes:

Description based upon print version of record.

Includes bibliographical references and index.

Description based on print version record.

ISBN:

9781593275341

159327534X

9781457185175

1457185172

OCLC:

865331904