Recommended Reading: 'The Practice of Network Security Monitoring'
"The Practice of Network Security Monitoring" from No Starch Press is a US$49.99, 376-page book written by security expert Richard Bejtlich that shows practices for implementing network security.
The author has seen attacks against the United States military, government agencies, Internet service providers, telecommunications carriers, universities, manufacturers, and more. To combat these intrusions, Bejtlich developed a methodology called network security monitoring (NSM). Bejtlich based NSM on his experience as an intelligence officer and computer network defender in the United States Air Force, and proved its worth in the years following his military service.
NSM is a powerful way to detect, respond to, and control intrusions on networks large and small, using open source software and industry-leading practices. In "The Practice of Network Security Monitoring," Bejtlich explains how to prevail against intruders: catch them before they cause damage, using an assortment of network-centric tools and techniques. Readers of "The Practice of Network Security Monitoring" will learn how to:
° Determine where to deploy NSM platforms, and size them for the monitored networks;
° Deploy stand-alone or distributed NSM installations;
° Use command line and graphical packet analysis tools and NSM consoles;
° Collect, analyze, and escalate indications and warnings when running a Computer Incident Response Team;
° Interpret network evidence from server-side and client-side intrusions;
° Extend NSM software to integrate threat intelligence to identify threats.
For more info go to http://tinyurl.com/kadm8kj .