AnyBook4Less.com

Implementing Intrusion Detection Systems : A Hands-On Guide for Securing the Network

Title: Implementing Intrusion Detection Systems : A Hands-On Guide for Securing the Network
by Tim Crothers
ISBN: 0764549499
Publisher: John Wiley & Sons
Pub. Date: December, 2002
Format: Paperback
Volumes: 1
List Price(USD): $40.00

Average Customer Rating: 4.5

Customer Reviews

Rating: 5
Summary: Excellent book
Comment: This book takes a simplistic approach to understanding IDS systems. I enjoyed the book and really got a grasp on IDS. I've touched base with IDS before but was able to completely and thoroughly comprehend the main points of the book because of the great technical expertise and writing style of the book.
Great for security admins!

Rating: 4
Summary: A welcome start to the 2003 IDS book publishing rush
Comment: When was the last time you saw a new book on detecting intrusions at your local book store? Aside from revisions of "Network Intrusion Detection" by Northcutt and Novak, the last thought-provoking book was Paul Proctor's "Practical Intrusion Detection Handbook," published in August 2000. In 2003, IDS fans, the drought has ended.

"Implementing Intrusion Detection Systems" (IIDS) is a welcome start to a year that will see four books published with the word "Snort" in their titles. IIDS pays homage to the finest detection engine in the land, but uses Snort as a sample of the capabilities an IDS has to offer -- capabilities frequently attacked in the press and by assessment-oriented companies. Author Tim Crothers tackles the naysayers head-on in the book's second paragraph: "You see media articles from well-known security writers claiming that IDS is a dead technology. Fortunately, those writers are wrong." Amen!

IIDS is clear and straightforward, with a dose of good advice and informative diagrams. The sample IDS deployment chapter was nice to see in a published work, and the evasion section in chapter 5 was well done. Overall Wiley did a fine job editing IIDS and the price is reasonable.

Now for the toughest part of any review -- constructive criticism of technical details. Crothers' discussion of "passive ftp" on p. 39 doesn't recognize that port 20 is only involved in "active ftp". (See pp. 456-7 of "Building Internet Firewalls," 2nd Ed., for a chart to silence all debate on this topic.) Closed tcp ports reply with RST ACKs, not the lone RSTs listed on p. 96. The author doesn't mention that FIN scans (p. 97) are never used because the lack of a response could be easily due to firewalls dropping packets, not open ports staying quiet.

And, repeating the mistake seen in almost every book mentioning TCP/IP, Crothers' Appendix A claims TCPDump displays "starting and ending relative sequence numbers" (p. 258). Rather, those numbers are the sequence number of the first byte of data in the segment and the sequence number of the first byte of data in the NEXT segment. That's why a TCP segment with 432 bytes of data shows 1:433 in TCPDump -- the first byte is "relative" number 1, the last is relative number 432, and the NEXT is 433.

Apart from my philosophical disagreements with the author's detection methodology and priorities, I enjoyed reading IIDS immensely. I finished it in less than two days and highlighted many lines of text. It will be fun to see how the other four IDS books arriving this year compare to Tim Crothers' work.

Similar Books:

Title: Network Intrusion Detection (3rd Edition)
by Stephen Northcutt, Judy Novak
ISBN: 0735712654
Publisher: Que
Pub. Date: 27 August, 2002
List Price(USD): $45.00

Title: Snort 2.0 Intrusion Detection
by Brian Caswell, Jay Beale, James C. Foster, Jeremy Faircloth
ISBN: 1931836744
Publisher: Syngress
Pub. Date: February, 2003
List Price(USD): $49.95

Title: Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems
by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey
ISBN: 0735712328
Publisher: Que
Pub. Date: 28 June, 2002
List Price(USD): $49.99

Title: Intrusion Signatures and Analysis
by Mark Cooper, Stephen Northcutt, Matt Fearnow, Karen Frederick
ISBN: 0735710635
Publisher: Que
Pub. Date: 29 January, 2001
List Price(USD): $39.99

Title: Maximum Wireless Security
by Cyrus Peikari, Seth Fogie
ISBN: 0672324881
Publisher: SAMS
Pub. Date: 18 December, 2002
List Price(USD): $39.99
