Friday, November 10

NIST

NIST has a new draft on Intrusion Detection titled: "Guide to Intrusion Detection and Prevention Systems".

Here is a link to the PDF.

I have *not* had a chance to read the entire paper; however, I did find Appendix C very interesting.

Snip:
The lists below provide examples of tools and resources that may be helpful.
Print Resources
  1. Bace, Rebecca, Intrusion Detection, Macmillan Technical Publishing, 2000.
  2. Bejtlich, Richard, Extrusion Detection, Addison-Wesley, 2005.
  3. Bejtlich, Richard, The Tao of Network Security Monitoring: Beyond Intrusion Detection, Addison-Wesley, 2004.
  4. Crothers, Tim, Implementing Intrusion Detection Systems: A Hands-On Guide for Securing the Network, 2002.
  5. Endorf, Carl et al, Intrusion Detection and Prevention, McGraw-Hill Osborne Media, 2003.
  6. Kruegel, Chris et al, Intrusion Detection and Correlation: Challenges and Solutions, Springer, 2004.
  7. Nazario, Jose, Defense and Detection Strategies Against Internet Worms, Artech House Publishers, 2003.
  8. Northcutt, Stephen and Novak, Judy, Network Intrusion Detection: An Analyst’s Handbook, Third Edition, New Riders, 2003.
  9. Rash, Michael et al, Intrusion Prevention and Active Response: Deployment Network and Host IPS, Syngress, 2005.
It is interesting to see who did and did not make the list. I would have added a few others; however, I am not NIST. Additionally, I found this publication to be more of a management overview as opposed to a technical document. Better off reading numbers 2 and 3 from the above list IMO.
