Network Intrusion Detection, 3/e
暫譯: 網路入侵偵測（第三版）

Name: Network Intrusion Detection, 3/e
Price: 2100 TWD
Availability: OnlineOnly
Author: Stephen Northcutt
ISBN: 0735712654

Stephen Northcutt

出版商: New Riders
出版日期: 2002-08-27
售價: $2,210
貴賓價: 9.5 折 $2,100
語言: 英文
頁數: 512
裝訂: Paperback
ISBN: 0735712654
ISBN-13: 9780735712652

海外代購書籍(需單獨結帳)

買這商品的人也買了...

$1,029

Fundamentals of Data Structures in C
~~$680~~ $578

計算機組織與設計--軟硬體界面第二版 (Computer Organization & Design, 2/e)
~~$2,650~~ $2,518

Data Mining: Concepts and Techniques
$825

Cisco CCNA Exam #640-607 Certification Guide, 3/e
$1,274

Computer Architecture: A Quantitative Approach, 3/e(精裝本)
$1,029

Operating System Concepts, 6/e (Windows XP Update)
~~$620~~ $527

PHP & MySQL 完全架站攻略第二版
~~$4,680~~ $4,446

High-Speed Signal Propagation : Advanced Black Magic (美國原版)
~~$590~~ $466

ASP.NET 程式設計徹底研究
~~$720~~ $612

重構─改善既有程式的設計
~~$980~~ $960

System Software: An Introduction to Systems Programming, 3/e (IE-Paperback)
~~$800~~ $760

管理資訊系統─管理數位化公司 (Management Information Systems: Managing the Digital Firm, 8/e)
~~$750~~ $638

鳥哥的 Linux 私房菜－伺服器架設篇
~~$560~~ $476

鳥哥的 Linux 私房菜─基礎學習篇增訂版
~~$480~~ $379

人月神話：軟體專案管理之道 (20 週年紀念版)(The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition, 2/e)
~~$780~~ $616

建構嵌入式 Linux 系統
~~$780~~ $663

CCNA 認證教戰手冊 Exam 640-801 (CCNA Cisco Certified Network Associate Study Guide, 4/e)
~~$820~~ $738

C++ 程式設計藝術 (C++ How to Program, 4/e)
~~$620~~ $527

Word 排版藝術
$1,176

Computer Organization and Design: The Hardware/Software Interface, 3/e(IE) (美國版ISBN:1558606041)
~~$680~~ $646

計算機組織與設計 (Computer Organization and Design: The Hardware/Software Interface, 3/e)
$1,127

Database System Concepts, 5/e (IE) (美國版ISBN:0072958863)
~~$600~~ $540

電腦網際網路 (Computer Networking: A Top-Down Approach Featuring The Internet, 3/e)
~~$400~~ $340

OpenOffice.org 成功導入寶典
~~$990~~ $891

C++ Primer, 4/e (中文版)

商品描述

The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network.

Written by two of America's most important computer security experts.
Unparalleled advice and technical content, reviewed by the top names in network security.
Timing coincides with rising interest in intrusion detection.

This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.

Stephen Northcutt is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a cook, a US Navy helicopter search and rescue crewman, a martial arts instructor, cartographer, and network designer. He is the author of Incident Handling Step by Step and Intrusion Detection — Shadow Style, both published by the SANS Institute. He was the original developer of the Shadow intrusion detection system and served as the leader of the Department of Defense's Shadow Intrusion Detection Team for two years. Formerly the Director of the U.S. Navy's Information System Security Office at the Naval Security Warfare Center, he is now Chief Information Warfare Officer for the Ballistic Missile Defense Organization at the DOD. He is a featured lecturer and co-chair of the SANS conference. Judy Novak is a Senior Security Analyst for the Army Research Laboratory. She is one of the founding members of the Computer and Security Incident Response Team that is highly regarded among the military. She has assisted in deploying intrusion detection tools and monitoring at many different military and government sites. She is an author and speaker for the SANS Institute on TCP/IP and using the Shadow intrusion detection tool for network analysis.

Table of Contents

I. TCP/IP.

1. IP Concepts.
2. Introduction to TCPdump and TCP.
3. Fragmentation.
4. ICMP.
5. Stimulus and Response.
6. DNS.

II. TRAFFIC ANALYSIS.

7. Packet Dissection Using TCPdump.
8. Examining IP Header Fields.
9. Examining Embedded Protocol Header Fields.
10. Real-World Analysis.
11. Mystery Traffic.

III. FILTERS/RULES FOR NETWORK MONITORING.

12. Writing TCPdump Filters.
13. Introduction to Snort and Snort Rules.
14. Snort Rules-Part II.

IV. INTRUSION INFRASTRUCTURE.

15. Mitnick Attack.
16. Architectural Issues.
17. Organizational Issues.
18. Automated and Manual Response.
19. Business Case for Intrusion Detection.
20. Future Directions.

V. APPENDIXES.

Appendix A. Exploits and Scans to Apply Exploits.
Appendix B. Denial of Service.
Appendix Ctection of Intelligence Gathering.
Index

商品描述(中文翻譯)

美國整個國家的首席資訊戰官教您如何保護您的企業網路。
- 由美國兩位最重要的電腦安全專家撰寫。
- 無與倫比的建議和技術內容，經過網路安全領域頂尖專家的審核。
- 時機恰逢對入侵檢測日益增長的興趣。

本書是入侵檢測分析師的訓練輔助工具和參考資料。雖然作者提及研究和理論，但他們專注於提供實用資訊。作者在這個專業領域中是最受認可的名字，擁有無與倫比的經驗，保護我們國家的政府和軍事電腦網路。本版新增了封包解析、IP數據報欄位、取證和Snort過濾器的內容。

**Stephen Northcutt** 是瑪麗華盛頓學院的畢業生。在進入電腦安全領域之前，他曾擔任廚師、美國海軍直升機搜尋與救援隊員、武術教練、製圖師和網路設計師。他是《Incident Handling Step by Step》和《Intrusion Detection — Shadow Style》的作者，這兩本書均由SANS Institute出版。他是Shadow入侵檢測系統的原始開發者，並擔任國防部Shadow入侵檢測小組的領導者兩年。曾任美國海軍海軍安全戰爭中心資訊系統安全辦公室主任，現在是國防部彈道導彈防禦組織的首席資訊戰官。他是SANS會議的特邀講者和共同主席。**Judy Novak** 是陸軍研究實驗室的高級安全分析師。她是電腦和安全事件響應小組的創始成員之一，該小組在軍方中享有很高的聲譽。她協助在許多不同的軍事和政府場所部署入侵檢測工具和監控。她是SANS Institute的作者和講者，專注於TCP/IP和使用Shadow入侵檢測工具進行網路分析。

**目錄**

I. TCP/IP
1. IP概念
2. TCPdump和TCP簡介
3. 分片
4. ICMP
5. 刺激與反應
6. DNS

II. 流量分析
7. 使用TCPdump進行封包解析
8. 檢查IP標頭欄位
9. 檢查嵌入式協定標頭欄位
10. 實際世界分析
11. 神秘流量

III. 網路監控的過濾器/規則
12. 編寫TCPdump過濾器
13. Snort和Snort規則簡介
14. Snort規則-第二部分

IV. 入侵基礎設施
15. Mitnick攻擊
16. 架構問題
17. 組織問題
18. 自動和手動響應
19. 入侵檢測的商業案例
20. 未來方向

V. 附錄
附錄A. 應用漏洞和掃描
附錄B. 拒絕服務
附錄C. 情報收集的檢測
索引