Thursday, October 16, 2003

Review of Intrusion Detection Posted

Just posted my five star review of Intrusion Detection. I read this book as background for my forthcoming The Tao of Network Security Monitoring and was pleasantly surprised. This isn't a book for practitioners looking to operate intrusion detection systems or interpret event data from systems. However, the book provides a nice historical backdrop on the problems that have existed for decades in computer security. From the review:

"Three years ago, as a captain in the Air Force CERT, I didn't think I had time to read books on theory and definitions like Rebecca Bace's Intrusion Detection. If a book didn't show packet captures, I didn't need it! Fast forward to 2003, as I research intrusion detection history and re-discover Bace's contribution to the field. Now, I consider her book so important that I consider most of it mandatory preparation for my own book. If you've got the time for 'high level' monitoring concerns, check out Intrusion Detection."

I added the book to my Weapons and Tactics Listmania List, along with a few other books reviewed in the last six months. You can access all of my recommended reading lists here.

In related news, I received word from Wiley that Snort: The Complete Guide to Intrusion Detection is listed in the publisher's database as "Publication Suspended Indefinitely." That's too bad, as Sourcefire employees and Snort coders Jeffrey Nathan, Dragos Ruiu, and Jed Haile were the authors.
