Configuring an Intrusion Detection System (IDS) is very challenging, and if improperly configured, an IDS is rendered ineffective. Packed with real-world tips and practical techniques, this book shows IT and security professionals how to implement, optimize, and effectively use IDS. It features coverage of the recently revised IETF IDS specification. It covers IDS standards, managing traffic volume in the IDS, intrusion signatures, log analysis, and incident handling. It provides step-by-step instructions for configuration procedures.
Your in-depth guide to implementing and optimizing an effective intrusion detection system for your network
Here's the in-the-trenches handbook you've been looking for, loaded with information and tips from real case studies that will help you deploy, configure, and monitor an effective intrusion detection system. Step-by-step instructions guide you through the process of configuring identification and authentication, mandatory and discretionary access control, physical security, and more. You'll get practical knowledge of honeynets, IP and MAC addressing, log analysis, and IDS standards, and learn to manage network traffic volume in the IDS.
Tim Crothers gives you the benefit of his own extensive experience, furnishing sample IDS deployments and professional tips that boost your efficiency. If you're responsible for network security, this is the guidebook that will help you get a good night's sleep-at last.
You'll learn how to:
* Implement an effective IDS for host, network, and combined systems
* Understand challenges like evasion, unknown attacks, and false alerts
* Verify, test, and fine-tune intrusion detection systems
* Analyze various IDS products and determine what meets your organization's needs
* Cope with legal issues and architectural challenges
* Identify, verify, and respond to different types of attacks and alerts
* Investigate security breaches and prevent recurrences