Intrusion Signatures and Analysis



Synopses & Reviews

Publisher Comments:

Intrusion Signatures and Analysis opens with an introduction into the format of some of the more common sensors and then begins a tutorial into the unique format of the signatures and analyses used in the book. After a challenging four-chapter review, the reader finds page after page of signatures, in order by categories. Then the content digs right into reaction and responses covering how sometimes what you see isn't always what is happening. The book also covers how analysts can spend time chasing after false positives. Also included is a section on how attacks have shut down the networks and web sites of Yahoo and eBay and what those attacks looked like. Readers will also find review questions with answers throughout the book, to be sure they comprehend the traces and material that have been covered.

Book News Annotation:

Directed at computer network intrusion analysts, this handbook focuses on providing examples of traces that analysts are most likely to see and presenting analyses of those traces. After presenting some of the most critical Internet security threats, chapters cover non-malicious traffic, perimeter logs, reactions and responses, network mapping, scans that probe systems for information, denial of service through resource starvation, denial of service through bandwidth consumption, Trojans, exploits, buffer overflows with content, fragmentation, false positives, and out-of-spec packets.
Annotation © Book News, Inc., Portland, OR (booknews.com)


This is the only resource security specialists need to decipher the digital fingerprints of a cyber-criminal. Ideal for self-study, it contains questions that cover the traces and signatures to allow readers to double check their knowledge.

About the Author

Stephen Northcutt is the author of several books including: Incident Handling Step-by-Step, Intrusion Detection: Shadow Style (both by the SANS Institute) and Network Intrusion Detection: An Analyst's Handbook (New Riders) as well as a contributing editor for Securing NT Step-by-Step (The SANS Institute). He was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defense's Shadow Intrusion Detection Team for two years. Mr. Northcutt was the Chief for Information Warfare at the Ballistic Missile Defense Organization and currently serves as the Director for GIAC Training and Certification for the SANS Institute.

Mark Cooper graduated from UMIST in 1991 with a BS in Microelectronic Systems Engineering. Currently working as a security consultant, he reached his current position after spending many years as a software engineer and then as a UNIX Systems Administrator. He is now a SANS GIAC Certified Intrusion Analyst.

Matt Fearnow is a Network/Security Administrator for Macmillan USA. Before working at Macmillan, he served in the US Navy as a Sonar Technician aboard submarines. In his current duties he constantly utilizes his SANS GIAC certification and is a frequent contributor to the SANS GIAC website. Matt was the first to establish categories for the traces from completed GIAC practicals.

Karen Frederick is an Infosec Engineer for Sun Tzu Security in Milwaukee, Wisconsin. She earned her bachelor's degree in computer science from the University of Wisconsin-Parkside, and she is currently completing her master's degree thesis in intrusion detection from the University of Idaho's Engineering Outreach program. Karen holds several certifications, including Microsoft Certified Systems Engineer + Internet, Check Point Certified Security Administrator and GIAC Certified Intrusion Analyst.

Table of Contents

 1. Reading Log Formats.

 2. Introduction to the Practicals.

 3. The Ten Most Critical Internet Security Threats, Part 1.

 4. The Ten Most Critical Internet Security Threats, Part 2.

 5. Reactions and Responses.

 6. Perimeter Logs.

 7. Non-Malicious Traffic.

 8. Network Mapping.

 9. Scans that Probe Systems for Information.

10. Denial Of Service (DoS)—Resource Starvation.

11. Denial Of Service (DoS)—Bandwidth Consumption.

12. Trojans.

13. Exploits.

14. Buffer Overflows with Content.

15. Fragmentation.

16. False Positives.

17. Out of Spec Packets.

Product Details

Cooper, Mark
Northcutt, Stephen
Fearnow, Matt
Frederick, Karen
Indianapolis, Ind.
Networking - General
Computer networks
Computer security
Internet - Security
Security - General
Computers -- Access control.
Networking-Computer Security
Internet - General
Edition Description: Trade paper
Series Volume:
Publication Date: January 2001
Grade Level:
8.9 x 7 x 1.1 in 689 gr

Product details: 448 pages, Sams, English, ISBN 9780735710634