Extrusion Detection - Richard Bejtlich

books:


	• Extrusion Detection: Security Monitoring for Internal Intrusions Richard Bejtlich Addison-Wesley Professional, 2005 - 416 pages average customer review:based on 9 reviews view larger image
	for more information click here

highly recommended

I learned a lot

This is a solid book and a detailed read. I was on the fence about giving it 4 or 5 stars; if I could I'd give it 4.5. While it didn't blow my socks off, I would suggest it to anybody interested in security monitoring in general. In terms of monitoring internal threats specifically it also has some useful information.

Excellent Book!

I have had the pleasure of reading Extrusion Detection: Security Monitoring for Internal Intrusions by Richard Bejtlich. Richard Bejtlich picks up where he last left off with his first book Tao of Network Security Monitor: Beyond Intrusion Detection. His new book deals with a subject that many businesses don't wish to think about, and what over 50% of attacks come from, Security breaches that come from the inside an organization. It is very unfortunate that this fact was not taken into consideration in Microsoft's XP SP2 firewall.

Richard starts with a short review of network definitions. One concept I really like is the Defensible Network which he states is not necessarily a secure network, "quite accurate".

Richard includes a listing networking monitoring tools with where you can go to obtain them; Full Content Data, Session Data, and Statistical.

This book includes good illustrations, explained pieces of code (more toward the second half of the book), and includes pictures of familiar hardware.

A new definition for me was "the sink hole", that redirects unknown traffic away from the customers.

This book is a good read and a very good book to keep in one's reference library. I will be obtaining Richard Bejtlich's Tao of Network Security Monitor: Beyond Intrusion Detection and I suspect this will be just as good.

for more information click here

super

Thanks a lot, we are very happy to have this book in our library!

Extrusion Detection - Richard Bejtlich

This book is a MUST for any security person that wants to learn how to implement ingress to egress monitoring traffic analysis. Thank you Mr. Bejtlich for your wonderful work writing this book from everyone to understand. To have a better understaing of Extrusion detection, I suggest anyone to refer to his other book The TAO of Internet security monitoring.

Excellent Book

Richard Bejtlich done great job again. Tao of Network security and this one are best companion. Well written. Extrusion topic is mostly companies preferred to spend budget or time and ignore. Although NSM methodologies are repeated but fun to read again. Traffic threat assessment, designing defensive network, and incident response are well written,

for more information click here

reviews: page 1, 2

hot