Bisher 45,99 €**
44,99 €
versandkostenfrei*

inkl. MwSt.
**Früherer Preis
Versandfertig in 2-4 Wochen
22 °P sammeln

    Broschiertes Buch

Network security is not simply about building impenetrable walls determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM…mehr

Produktbeschreibung
Network security is not simply about building impenetrable walls determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. You'll learn how to: Determine where to deploy NSM platforms, and size them for the monitored networks Deploy stand-alone or distributed NSM installations Use command line and graphical packet analysis tools, and NSM consoles Interpret network evidence from server-side and client-side intrusions Integrate threat intelligence int
  • Produktdetails
  • Verlag: No Starch Press
  • Seitenzahl: 376
  • Erscheinungstermin: 15. Juli 2013
  • Englisch
  • Abmessung: 233mm x 177mm x 30mm
  • Gewicht: 840g
  • ISBN-13: 9781593275099
  • ISBN-10: 1593275099
  • Artikelnr.: 37227515
Autorenporträt
Richard Bejtlich is Chief Security Strategist at FireEye, and was formerly Chief Security Officer at Mandiant. He also served as Director of Incident Response for General Electric, where he built and led the 40-member GE Computer Incident Response Team (GE-CIRT). He is a graduate of Harvard University and the United States Air Force Academy. His previous works include The Tao of Network Security Monitoring, Extrusion Detection, and Real Digital Forensics (all from Addison-Wesley). He blogs and writes on Twitter as @taosecurity.
Inhaltsangabe
Foreword by Todd Heberlein
Preface
Part I: Getting Started
Chapter 1: Network Security Monitoring Rationale
Chapter 2: Collecting Network Traffic: Access, Storage, and Management
Part II: Security Onion Deployment
Chapter 3: Stand-alone NSM Deployment and Installation
Chapter 4: Distributed Deployment
Chapter 5: SO Platform Housekeeping
Part III: Tools
Chapter 6: Command Line Packet Analysis Tools
Chapter 7: Graphical Packet Analysis Tools
Chapter 8: NSM Consoles
Part IV: NSM in Action
Chapter 9: NSM Operations
Chapter 10: Server-side Compromise
Chapter 11: Client-side Compromise
Chapter 12: Extending SO
Chapter 13: Proxies and Checksums
Conclusion
Appendix
SO Scripts and Configuration
Index