
Protect Your Information with Intrusion Detection (Power) Review

While perusing a bookstore in Saskatchewan (don't ask!), I found "Protect Your Information with Intrusion Detection" (PYIWID). I was pleasantly surprised to see an old version of a paper I had written several years ago cited in the bibliography, and the table of contents seemed to mention all the right subjects. I hadn't heard any "buzz" about this book, but I thought I might have found a hidden gem. I should have left the book on the shelf!

The first aspect of PYIWID that strikes the reader is the awkward English. The author appears to be Russian, and his editors gave him little support. Many times where the word "block" should be used, "lock" appears! For example: "Most network devices and programs lock ICMP packets and do not pass them" (p. 55). "If you detect an attack and start trying to lock it with firewalls..." (p. 60). These were followed on p. 84 by mentions of "Red Code" and "Blue Code," instead of "Code Red." Other sections make questionable, if not totally false, claims. For example: "Agent installation is especially dangerous for open systems, such as Linux and OpenBSD, since the agent can be introduced into the OS kernel." Ever hear of kernel mode Windows rootkits?
Other quotes just make no sense, such as first describing hiding processes on p. 62 and then saying "Using the rootkit or SunOS represents an example of this method." I was sad to read that "the White House server was blocked for tree hours and, on May 22, the server was unavailable for six hours." (p. 42). Some material indicated fuzzy thinking using sweeping statements, such as "Intrusion detection systems can identify and block practically all propagation methods used by hybrid attacks" (p. 49). The author seems to think math will solve your problems; this quote was outrageous: "Since intrusion detection technologies still lack a solid mathematical foundation, there is no possibility of developing efficient methods of detecting attacks and efficiently counteracting them." The author also thinks vulnerability assessment products are intrusion detection systems, covering scanners and such in ch. 6.
On the positive side, I think PYIWID has a great bibliography. It mentions lots of useful papers, some of which are mentioned in the book. I also liked the TAP diagram on p. 369. I initially thought the inclusion of various security "war stories" was useful, until I realized they appeared at random times and were often uncited. The exception was the heavy reliance on stories from books by Vacca. I was sad to see the author mainly relied on other people's packet traces for this book! "Most of the listing examples provided in this and subsequent sections were taken from [the SANS Internet Storm Center], or are based on practical exercises performed within the framework of preparing for [GIAC certification]" (p. 96).
It was my fault that I bought this book. I should have been tipped off by the odd choice of "key points" on the cover: "describing firewalls, indicating security policy violations, analyzing the information sources, improving the IDS security level." These sound awkward, and PYIWID follows that theme throughout. I give it three stars because the author did a lot of work bringing disparate sources of information together in this single volume, but he did not present it coherently.

Protect Your Information with Intrusion Detection (Power) Overview

This comprehensive reference provides a detailed overview of intrusion detection systems (IDS) offering the latest technology in information protection. Introducing network administrators to the problem of intrusion detection, it includes the principles of system technology and an in-depth classification in IDS. Topics covered include information gathering and exploitation, searching for vulnerabilities, distributed attack tools, remote and local penetrations, and password crackers, sniffers, and firewalls. Examples of actual information system break-ins provide practical reference.