Buy New

or
Sign in to turn on 1-Click ordering.
Buy Used
Used - Good See details
Price: 21.02

or
 
   
Trade in Yours
For a 1.77 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Sorry, this item is not available in
Image not available for
Colour:
Image not available

 
Tell the Publisher!
Id like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Network Intrusion Detection (Voices (New Riders)) [Paperback]

Stephen Northcutt , Judy Novak
4.0 out of 5 stars  See all reviews (4 customer reviews)
RRP: 33.99
Price: 31.19 & FREE Delivery in the UK. Details
You Save: 2.80 (8%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 3 left in stock (more on the way).
Dispatched from and sold by Amazon. Gift-wrap available.
Want it tomorrow, 18 Sep.? Choose Express delivery at checkout. Details

Formats

Amazon Price New from Used from
Paperback 31.19  
Trade In this Item for up to 1.77
Trade in Network Intrusion Detection (Voices (New Riders)) for an Amazon Gift Card of up to 1.77, which you can then spend on millions of items across the site. Trade-in values may vary (terms apply). Learn more

Book Description

27 Aug 2002 0735712654 978-0735712652 3

The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.


Frequently Bought Together

Network Intrusion Detection (Voices (New Riders)) + Intrusion Signatures and Analysis
Buy the selected items together
  • Intrusion Signatures and Analysis 27.00


Product details

  • Paperback: 512 pages
  • Publisher: Sams; 3 edition (27 Aug 2002)
  • Language: English
  • ISBN-10: 0735712654
  • ISBN-13: 978-0735712652
  • Product Dimensions: 22.9 x 17.8 x 2.8 cm
  • Average Customer Review: 4.0 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: 765,501 in Books (See Top 100 in Books)
  • See Complete Table of Contents

More About the Author

Discover books, learn about writers, and more.

Product Description

Amazon Review

Network Intrusion Detection: An Analyst's Handbook explains some of what you need to know in order to prevent unauthorised accesses of your networked computers and minimise the damage intruders can do. It emphasises, though, proven techniques of recognising attacks while they're underway. Without placing too much emphasis (or blame, for that matter) on any operating system or other software product, author Stephen Northcutt explains ways to spot suspicious behaviour and deal with it, both automatically and manually.

The case studies, large and small, are the best part of this book. Northcutt opens with a technical brief on the methods used by Kevin Mitnick in his attack upon Tsutomu Shimomura's server. In documenting that famous attack, Northcutt explains SYN flooding and TCP hijacking with clarity and detail: Readers get a precise picture of what Mitnick did, and how Shimomura's machine reacted. A former security expert for the US Department of Defense, Northcutt goes on to explain how a system administrator would go about detecting and defeating an attack like Mitnick's. Another case study appears later in the book, this one in the form of a line-by-line analysis of a history file that shows how a bad guy with root privileges attacked a Domain Name System (DNS) server. Reading Northcutt's analysis is like reading a play-by-play account of a football match. Network Intrusion Detection is one of the most readable technical books around. --David Wall, Amazon.com

Topics covered: Catching intruders in the act by recognising the characteristics of various kinds of attacks in real-time, both manually and with the use of filters and other automated systems; techniques for identifying security weaknesses and minimising false security alarms. --This text refers to an out of print or unavailable edition of this title.

From the Publisher

Indispensable for the security analyst and administrator
Get answers and solutions from someone who has been in the trenches with Network Intrusion Detection: An Analyst's Handbook. Author Stephen Northcutt, original developer of the Shadow intrusion detection system and former Director of the United States Navy's Information System Security Office at the Naval Security Warfare Center, lends his expertise to intrusion detection specialists, security analysts, and consultants responsible for setting up and maintaining an effective defense against network security attacks. --This text refers to an out of print or unavailable edition of this title.

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more

Customer Reviews

4.0 out of 5 stars
4.0 out of 5 stars
Most Helpful Customer Reviews
5 of 5 people found the following review helpful
5.0 out of 5 stars Northcutt hits the ball out of the park! 26 Aug 1999
By A Customer
Format:Paperback
I am the chief of a 15 person intrusion detection team, with responsibility for centralized, around-the-clock monitoring of a global network. I believe I have enough experience to claim Steven's book is first rate and sorely needed. His reconstruction of a Christmas Eve system compromise and his analysis of Kevin Mitnick's TCP hijack of Tsutomu Shimomura's host are excellent case studies. His coverage of reset scans and other non-standard reconnaissance techniques prompted me to scour my traffic for the same events and write a paper on my findings. I do not agree with some of his conclusions on SYN ACK and reset scans, but his work made me investigate those topics. While I would have preferred slightly more explanation and examples of network traces (who wouldn't?), I hope this book begins a trend of sharing (sanitized) packet-level incident details within the IDS community. I recommended Steven's book to every analyst on my flight and every person in my unit, and I plan to build in-house training around it. I guarantee every person with a technical leaning and a position on the front line of intrusion detection will appreciate Steven's book. See you at SANS Network Security 99!
Comment | 
Was this review helpful to you?
1 of 1 people found the following review helpful
4.0 out of 5 stars Ahh, nothing like the smell of IP in the morning! 25 April 2001
Format:Paperback|Verified Purchase
While this is a book on intrusion detection, I bought it for another reason. A friend refered me to this book when I asked him about "sniffing". The book is a great introduction to network sniffing! I give it "only" four stars because it falls short of its primary goal IDS.
Comment | 
Was this review helpful to you?
5.0 out of 5 stars Excellent: The missing link in Computer Security 14 Jan 2000
Format:Paperback
Whilst there are a multitude of books detailing the various computer vulnerabilities, very few give such a thorough description of how they work, more importantly in the IDS field their signatures. To get the most from this book a reasonable understanding of TCP/IP is required. Essential reading for anyone evaluating or tuning an IDS. Having just moved into the IDS field from security auditing this book has allowed me to hit the ground running.
Comment | 
Was this review helpful to you?
0 of 2 people found the following review helpful
By G.Gil
Format:Paperback
The book provide a good list and overview of most IDS tools out in the market. Unfortunatly if you are looking to go into greater detail about types of intrusion... it comes quite short in content. I found if you are looking to read this kind of subject is because you want to go in deep into the information and not very quick overview as per book.
Comment | 
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
Amazon.com: 4.5 out of 5 stars  51 reviews
60 of 61 people found the following review helpful
4.0 out of 5 stars Best IDS book for hands-on implementors 30 Jan 2000
By J. G. Heiser - Published on Amazon.com
Format:Paperback|Verified Purchase
Of the 3 available intrusion detection texts, this is by far the best for someone who actually wants to do intrusion detection. It is breezy & chatty--like sitting down with a good friend (unfortunately, one who doesn't organize his thoughts very well and whose editor was apparently in a hurry).
This is a bits & bytes book; it assumes some knowledge of TCP/IP and security concepts, but it accomodates non-specialists. It is useful for readers of varying levels of familiarity with Internet protocols. Northcutt provides an excellent introduction to the specific mechanisms of the most common network attacks, and offers the most cogent description I've seen of the [purported] Mitnick attack on Shimomura.
I especially enjoyed his efforts at providing neophyte intrusion analysts with political advice. His insight that host-based IDS is technically superior to network-based, but politically impractical is a gem of organizational wisdom.
48 of 48 people found the following review helpful
5.0 out of 5 stars Readable, intelligent, down-to-earth. 2 Oct 1999
By Greg Broiles - Published on Amazon.com
Format:Paperback|Verified Purchase
Network Intrusion Detection is rare among technical books - it's comprehensive, accurate, interesting, and intelligent; it's got none of the "filler" chapters which seem to be prevalent in the genre. It's well worth the relatively small investment of time and money required to read and understand it.
The author has "been there, done that" which gives him a perspective unavailable to professional technical authors who write about Java one month, CORBA the next, will be assigned a firewall book next.
This book will be useful to people responsible for intrusion detection, people who manage them, and to people who need to understand attack techniques and the forensic tools needed to detect and document them. Highly recommended; it's in the same class as Cheswick & Bellovin's classic _Firewalls and Internet Security_.
37 of 37 people found the following review helpful
5.0 out of 5 stars Northcutt hits the ball out of the park! 26 Aug 1999
By Richard Bejtlich - Published on Amazon.com
Format:Paperback
I am the chief of a 15 person intrusion detection team, with responsibility for centralized, around-the-clock monitoring of a global network. I believe I have enough experience to claim Steven's book is first rate and sorely needed. His reconstruction of a Christmas Eve system compromise and his analysis of Kevin Mitnick's TCP hijack of Tsutomu Shimomura's host are excellent case studies. His coverage of reset scans and other non-standard reconnaissance techniques prompted me to scour my traffic for the same events and write a paper on my findings. I do not agree with some of his conclusions on SYN ACK and reset scans, but his work made me investigate those topics. While I would have preferred slightly more explanation and examples of network traces (who wouldn't?), I hope this book begins a trend of sharing (sanitized) packet-level incident details within the IDS community. I recommended Steven's book to every analyst on my flight and every person in my unit, and I plan to build in-house training around it. I guarantee every person with a technical leaning and a position on the front line of intrusion detection will appreciate Steven's book. See you at SANS Network Security 99
16 of 17 people found the following review helpful
5.0 out of 5 stars Thorough discussion of Intrusion Detection 26 Nov 2000
By A Customer - Published on Amazon.com
Format:Paperback|Verified Purchase
I read the book from cover to cover and found the book very useful and interesting. The author uses a lot of tongue-in-cheek humor and makes the subject very interesting with interesting examples and anecdotes. He also includes a lot of actual log files in his examples which really makes the book practical and easy to understand.
The book also talks about intelligence gathering techniques employed by hackers, the hacker community, and selling management on the idea of intrusion detection. As a network security professional I find myself grappling with the issue of convincing management to fund network security and will use the ideas of this author who clearly has a lot of experience in getting funding from management.
I was able to immediately apply some of the ideas and principles in the book to my benefit.
14 of 15 people found the following review helpful
4.0 out of 5 stars A readable and timely introduction to catching the bad guys 9 Sep 1999
By Andrew T. Wilson - Published on Amazon.com
Format:Paperback
When "Network Intrusion Detection" is made into a big-budget Hollywood movie, I see Harrison Ford starring in the Stephen Northcutt role. He's experienced and more than a little hard-bitten, he has no patience for the foolish and the ill-prepared, but he really knows his stuff. Plus, there's a gleam of playfulness in the way he tackles the bad guys. Think "Indiana Jones and Back Doors of Quake."
Seriously, Stephen Northcutt is a good writer. He's been there and he's done that, and this book is the summary of what he's learned so far about detecting and countering breakins to a computer network. The book is quite current, documenting exploits as recent as early '99, which is both a plus and a minus. The plus is obviously the freshness and relevance of the content, the minus lies in the somewhat unpolished nature of the book, no doubt an artifact of speedy publication (typos abound, and organization could be improved).
However, on balance, I'd recommend this book to anyone with an interest in computer security. It could also serve as an introductory textbook on hacking into networks, as Mr. Northcutt surely realizes.... But dark hackers already have their own "apprenticeship" system, as he points out, whereas the white-hat community needs books such as this for training analysts.
Were these reviews helpful?   Let us know
Search Customer Reviews
Only search this product's reviews

Customer Discussions

This product's forum
Discussion Replies Latest Post
No discussions yet

Ask questions, Share opinions, Gain insight
Start a new discussion
Topic:
First post:
Prompts for sign-in
 

Search Customer Discussions
Search all Amazon discussions
   


Look for similar items by category


Feedback