I just read a review of The Tao of Network Security Monitoring by the acclaimed network information site Firewall.cx. From the review:
"Every once in a while you come across a book that really opens your eyes. One that talks in-depth about something completely different.
Unfortunately, most technical IT books are rehashes of a bunch of papers and tutorials off the net, and you often wonder whether the time you spent reading the book would have been better spent on google.
The Tao of Network Security Monitoring is not one of these books. It is with great pleasure that I am reviewing what I consider one of the most informative and well written books I have ever come across.
Network Security Monitoring (NSM) is half a science, and half a black art. It requires an in-depth knowledge of packets, protocols, applications, vulnerabilities and black hat tactics. This book focuses on the philosophy behind NSM, the skills required, the tools you need, and the way to set up an effective NSM operation.
The author, Richard Bejtlich, is a former Air Force intelligence officer, and the approach he dictates is almost military in nature. This book covers an introduction to security, what NSM is, how to deploy it, the best tools for the job and the types of things you will see."
Read on for more. I appreciate the review!