- Paperback: 552 pages
- Publisher: Osborne/McGraw-Hill (1 July 2001)
- Language English
- ISBN-10: 0072131829
- ISBN-13: 978-0072131826
- Product Dimensions: 22.6 x 18.8 x 3.6 cm
- Average Customer Review: 5.0 out of 5 stars See all reviews (3 customer reviews)
- Amazon Bestsellers Rank: 1,286,451 in Books (See Top 100 in Books)
- See Complete Table of Contents
| |||||||||||||||
Did you know you can trade in your old books for an Amazon.co.uk Gift Card to spend on the things you want? Plus, get an extra £5 Gift Certificate when you trade in books worth £10 or more before June 30, 2012. Visit the Books Trade-In Store for more details. |
|
There is a newer edition of this item:
|
Product details |
More About the Authors
Discover books, learn about writers, and more.
Product Description
Amazon.co.uk Review
Incident Response aims to teach you how to determine when an attack has occurred or is underway--they're often hard to spot--and show you what to do about it. A strong system of defences will save your systems from falling victim to published and otherwise uninventive attacks, but even the most heavily defended system can be cracked under the right conditions. Authors Kevin Mandia and Chris Prosise favour a tools--and procedures-centric approach to the subject, thereby distinguishing this book from others that catalogue attacks and methods for dealing with each. The approach is more generic and therefore better suited to dealing with newly emerging attack techniques.
Anti-attack procedures are presented with the goal of identifying, apprehending and successfully prosecuting attackers. The advice on carefully preserving volatile information, such as the list of processes active at the time of an attack, is easy to follow. The book is quick to endorse tools, the functionalities of which are described so as to inspire creative applications. Information on bad-guy behaviour is top-quality as well, giving readers knowledge of how to interpret logs and other observed phenomena. Mandia and Prosise don't--and can't--offer a foolproof guide to catching crackers in the act, but they do offer a great "best practices" guide to active surveillance. --David Wall
Topics covered: Monitoring computer systems for evidence of malicious activity and reacting to such activity when it's detected. With coverage of Windows and Unix systems as well as non-platform-specific resources like Web services and routers, the book covers the fundamentals of incident response, processes for gathering evidence of an attack and tools for making forensic work easier.
Review
"... poorly trained network administrators and the lack of firewalls and intrustion detection systems still make it difficult to find the source and strategy of the attack." Computerworld article (8/21/00) on Incident Response featuring David Dittrich, a researcher who spoke at the Usenix Security Symposium."
Inside This Book
(Learn More)
First Sentence
Computers are continually changing the face of crime and computer security. Read the first page
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Computers are continually changing the face of crime and computer security. Read the first page
Explore More
Concordance
Browse Sample PagesConcordance
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Suggested Tags from Similar Products(What's this?)Be the first one to add a relevant tag (keyword that's strongly related to this product)
|
Sell a Digital Version of This Book in the Kindle Store
If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store.
Learn more
What Other Items Do Customers Buy After Viewing This Item?
Customer Reviews
Most Helpful Customer Reviews
10 of 10 people found the following review helpful
Format:Paperback
Written by two of Foundstone's specialists in the area of Computer Forensics, this book covers many aspects of discovering who has attempted to attack your computer systems and what to do with this information. It describes what to look for, where to look, and how exploits are exploited. Covering NT, Unix, and routers, it takes you through step-by-step monitoring for attacks, intrusion detection, and what to do with this data when you have collated it.
This is the first book that has covered this subject, hopefully there will be a lot more to follow.
An excellent book, well worth a read.
Format:Paperback|Amazon Verified Purchase
I bought this purely on the reviews that were written on Amazon and I must say that this is one the great books. It is well written in plain english, has loads of examples and clearly explains the steps needed to become a good security analyst.
Would thoroughly recommend to anyone aspiring to become a security analyst or who simply needs that bit of extra help or assistance.
Would thoroughly recommend to anyone aspiring to become a security analyst or who simply needs that bit of extra help or assistance.
2 of 9 people found the following review helpful
Format:Paperback
I've just started reading this and its such a good book. Theres plenty of real world examples of situations/usage of tools making this one of the best books on the incident handling topic i've read. 5*! :)
Would you like to see more reviews about this item?
Were these reviews helpful?
Let us know
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
Listmania!
Look for similar items by category
Look for similar items by subject
Feedback
- Would you like to update product info or give feedback on images?
- I am the Author, and I want to comment on my book.
- I am the Publisher, and I want to comment on this book.
