.

Any reviews of Practical Intrusion Analysis?

<<

SEC_JUNKIE

Newbie
Newbie

Posts: 1

Joined: Fri Oct 23, 2009 3:22 pm

Post Fri Oct 23, 2009 3:30 pm

Any reviews of Practical Intrusion Analysis?

Any reviews of Practical Intrusion Analysis by Ryan Trost?  I was wondering how people thought it compared to previous IDS/IPS books (notice I said "IDS" and NOT "SNORT")?

Flipping through it at Borders, I do like the amount of ground covered!

Anybody use geospatial intrusion detection (the usage of geographical endpoints for a measure of IDS/IPS analysis)?  I skimmed the chapter and might simply buy it for that one chapter.
<<

SecMan

Newbie
Newbie

Posts: 17

Joined: Thu Dec 25, 2008 8:57 am

Post Sat Oct 24, 2009 3:11 pm

Re: Any reviews of Practical Intrusion Analysis?

<<

been_there_secured_that

Newbie
Newbie

Posts: 1

Joined: Mon Nov 02, 2009 8:51 pm

Post Mon Nov 02, 2009 9:12 pm

Re: Any reviews of Practical Intrusion Analysis?

I really enjoyed the book myself.

The chapter on netflow was informative and insightful.  Especially given the amount of emphasis security practitioners are putting on the technology (thankfully to netflow gurus like jose nazario -- conficker finder).

I also really enjoyed the physical security chapter.  Rarely do technical books dive into that topic which is unfortunate since physical breaches are the easiest! 

The included WAF chapter is essential these days.  Typical signature based NIDS are too easy to evade. 

I give it 4 out of 5 stars...

Return to Book Reviews

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software