For those interested in the mechanics of book writing: I thought of the idea last summer, just after my first book arrived. I signed a contract in November, then began writing in January. My first due date was 1 April for half the book in draft form, followed by the rest of the book in draft form by 1 June. I've been working on addressing reviewer feedback since late June, and now the book is ready for copyediting.
The chapter-level table of contents is listed next.
- Network Security Monitoring Revisited
- Defensible Network Architecture
- Extrusion Detection Illustrated
- Enterprise Network Instrumentation
- Layer 3 Network Access Control (by Ken Meyers)
- Traffic Threat Assessment
- Network Incident Response
- Network Forensics
- Traffic Threat Assessment Case Study
- Malicious Bots (by Mike Heiser)
Furthermore, there are these elements:
- Foreword by Marcus Ranum
- Appendix A. Collecting Session Data in an Emergency
- Appendix B. Minimal Snort Installation Guide
- Appendix C. Survey of Enumeration Methods (by Ron Gula)
- Appendix D. Open Source Host Enumeration (by Rohyt Belani)
I'm estimating the book will be between 450 and 500 pages, but I usually err on the low side. Expect to see the book on shelves in December 2005 or January 2006. I'll probably provide excerpts as publication approaches as well.
You can also get a thorough look at material from the new book at day two of my class at USENIX Security in two weeks. If I am accepted to USENIX LISA in December, I hope to teach three days. The third day will also be based on Extrusion.