Here's what you have to do to try to win this book: submit a case study on how network security monitoring helped you detect, respond to, and contain an intrusion in your environment.
You don't have to reveal your organization, but I want to know some general information like the number of users and computers. Readers need to know the sort of environment where NSM worked for you, but I don't want you to reveal your organization (unless you want to).
Tell the reader what happened, what NSM data you used, how you used it, and how you handled the incident. Extra points go to writers who include log excerpts and screen captures.
I will include the submission in my new book, subject to editing by myself and No Starch, for readability and comprehension.
The deadline for submission is 10:00 pm eastern time, Saturday 26 January (sorry for the earlier typo). I managed to extend the deadline a little. Quality trumps quantity here -- I'm not looking for another chapter!
Please submit your entries as plain text in email to taosecurity at gmail dot com. I won't open .doc or .pdf or other files which could contain surprises.
When you take screen captures, save them in high-resolution .tif format without compression. Don't take a capture of command-line information; instead, copy the text into the story. When taking screen captures of GUI tools and the like, don't take a capture of a giant window; resize to something that will be legible on a printed page, witha .
This is an example of a bad screen capture:
This is a good screen capture:
Depending on the quality of any screen captures, I may ask you to resubmit them to meet the publisher's requirements.
If you have any questions, please post them here.
The winner will receive the pictured TCP/IP book. Once my new book arrives, I will ask the publisher to mail you a free copy too.
If I receive one or more good runners-up, I will ask the publisher to send their owners copies of my new book too.
If you have any questions, please submit them as comments here. Good luck!