About the Book:
Network security is not simply about building impenetrable walls — determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.
In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks — no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.
Table of Contents
Chapter 1: Network Security Monitoring RationaleChapter 2: Collecting Network Traffic: Access, Storage, and ManagementChapter 3: Stand-alone NSM Deployment and InstallationChapter 4: Distributed DeploymentChapter 5: SO Platform HousekeepingChapter 6: Command Line Packet Analysis ToolsChapter 7: Graphical Packet Analysis ToolsChapter 8: NSM ConsolesChapter 9: NSM OperationsChapter 10: Server-side CompromiseChapter 11: Client-side CompromiseChapter 12: Extending SOChapter 13: Proxies and Checksums
