本文共 1132 字，大约阅读时间需要 3 分钟。

版权声明：原创作品，允许转载，转载时请务必以超链接形式标明文章原始出版、作者信息和本声明。否则将追究法律责任。 - topmvp

In The Tao of Network Security Monitoring , Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents.

Inside, you will find in-depth information on the following areas. *The NSM operational framework and deployment considerations. *How to use a variety of open-source toolsincluding Sguil, Argus, and Etherealto mine network traffic for full content, session, statistical, and alert data. *Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture. *Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM. *The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance. http://rapidshare.com/files/53732042/0321246772.zip