Intrusion Detection Systems mailing list archives
RE: An IDS Analysts Handbook
From: latyzenhaus () anl gov (Tyzenhaus, Laurie A.)
Date: Mon, 17 Jan 2000 08:57:48 -0600
Sorry, no books. But if you ever get the opportunity to sit in one of Stephen Northcutt's classes (SANS Conferences) do it! It's worth EVERY cent. He also puts out an incident handling guide with worksheets. You leave the SANS conference & you've got information that you can actually implement! (what an idea!) And it's not a bunch of "suits" with no technical knowledge --> these guys have the technical knowledge to answer your questions.

Laurie
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Laurie Tyzenhaus
Argonne National Laboratory
E-Mail: latyzenhaus () anl gov
Voice: 630.252.6763
Fax: 630.252.9689

-----Original Message-----
From: Andy [mailto:Talisker () technologist com]
Sent: Friday, January 14, 2000 2:52 PM
To: ids () uow edu au
Subject: IDS: An IDS Analysts Handbook

Hi all,

Happy New Year

Having just returned to Computer Security after having my brain scrambled in the basket weaving circles of the TEMPEST world, I felt the need for some serious catching up. A quick delve into Amazon produced an excellent solution:

Network Intrusion Detection, An Analysts Guide.
by Stephen Northcutt
ISBN 0-7357-0868-1 (Jul 99)

For myself, reading a computer book has always consisted of scrutinising the index for a keyword and then reading the relevant paragraph. So to actually read a book cover to cover, hardly putting it down, is quite remarkable.

An outline of the Chapter Headings:

1. Mitnick Attack.
2. Intro to Filters and Signatures.
3. Architectural Issues.
4. Interoperability and Correlation.
5. Network-Based Intrusion Detection Solutions.
6. Detection of Exploits.
7. Denial of Service.
8. Intelligence Gathering Techniques.
9. Intro to Hacking.
10. Coordinated Attacks.
11. Additional Tools.
12. Risk Management and Intrusion Detection.
13. Automated and Manual Response.
14. Business Case for Intrusion Detection.

Seriously though, the book is very well written, covering a variety of topics certainly satisfying my need for a refresher. I especially enjoyed the Mitnick coverage and the review of the current (early 99) IDS tools.

Can anyone recommend any other Intrusion Detection Books that won't cure my insomnia? Be warned though, any good recommendations may result in hate mail from my wife :o)

Take Care
Andy
