版权声明:原创作品,允许转载,转载时请务必以超链接形式标明文章原始出版、作者信息和本声明。否则将追究法律责任。
http://blog.csdn.net/topmvp - topmvp
*The NSM operational framework and deployment considerations.
*How to use a variety of open-source toolsincluding Sguil, Argus, and Etherealto mine network traffic for full content, session, statistical, and alert data.
*Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture.
*Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM.
*The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance.
http://rapidshare.com/files/53732042/0321246772.zip
In The Tao of Network Security Monitoring , Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents.
Inside, you will find in-depth information on the following areas.*The NSM operational framework and deployment considerations.
*How to use a variety of open-source toolsincluding Sguil, Argus, and Etherealto mine network traffic for full content, session, statistical, and alert data.
*Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture.
*Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM.
*The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance.
http://rapidshare.com/files/53732042/0321246772.zip