Books.org participates in affiliate programs including Bookshop.org and the Amazon Services LLC Associates Program. We may earn a commission from qualifying purchases made through links on this page, at no additional cost to you.
Overview
This book provides an introduction to the field of Intrusion Prevention and provides detailed information on various IPS methods and technologies. Specific methods are covered in depth, including both network and host IPS and response technologies such as port deactivation, firewall/router network layer ACL modification, session sniping, outright application layer data modification, system call interception, and application shims.* Corporate spending for Intrusion Prevention systems increased dramatically by 11% in the last quarter of 2004 alone
* Lead author, Michael Rash, is well respected in the IPS Community, having authored FWSnort, which greatly enhances the intrusion prevention capabilities of the market-leading Snort IDS
This book provides an introduction to the field of Intrusion Prevention and provides detailed information on various IPS methods and technologies. Specific methods are covered in depth, including both network and host IPS and response technologies such as port deactivation, firewall/router network layer ACL modification, session sniping, outright application layer data modification, system call interception, and application shims.
Synopsis
A guide for IT managers and security technologists that shows how to automate responses to intrusions and master buffer overflow- prevention technologies. The guide covers major systems including Snort Inline, SnortSAM, PaX, Stackguard, LIDS, FWSnort, PSAD, Enterasys Web IPS, and mod_securit. It concentrates on the technology and implementation of active response and intrusion prevention techniques and also emphasizes the countermeasures than can be implemented after an attack has been detected. Distributed in the US by O'Reilly. Annotation ©2005 Book News, Inc., Portland, OR