Description

This book provides an introduction to the field of Intrusion Prevention and provides detailed information on various IPS methods and technologies. Specific methods are covered in depth, including both network and host IPS and response technologies such as port deactivation, firewall/router network layer ACL modification, session sniping, outright application layer data modification, system call interception, and application shims.

Key Features

* Corporate spending for Intrusion Prevention systems increased dramatically by 11% in the last quarter of 2004 alone * Lead author, Michael Rash, is well respected in the IPS Community, having authored FWSnort, which greatly enhances the intrusion prevention capabilities of the market-leading Snort IDS

Readership

Technologists and Security Administrators.

Table of Contents

Chapter 1: Introduction to Intrusion Prevention: Chapter 2: False Positives and Real Damage: Chapter 3: Data Link IPS Chapter 4: Network IPS Chapter 5: Transport IPS Chapter 6: Application Layer Responses Chapter 7: Host IPS Actions: Chapter 8: Hybrid IPS Actions: Chapter 9: Network Inline Data Modification

Details

No. of pages:
550
Language:
English
Copyright:
© 2005
Published:
Imprint:
Syngress
Electronic ISBN:
9780080489292
Print ISBN:
9781932266474

About the authors

Angela Orebaugh

Angela Orebaugh (, GCIA, GCFW, GCIH, GSEC, CCNA) is a Senior Scientist in the Advanced Technology Research Center of Sytex, Inc. where she works with a specialized team to advance the state of the art in information systems security. She has over 10 years experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. She has a Masters in Computer Science, and is currently pursuing her Ph.D. with a concentration in Information Security at George Mason University.