Rating:  Summary: Useful as a college text, but not for front-line analysts Review: I am responsible for a 50+ person intrusion detection mission, and I read this book in August 1999. Had I not read Stephen Northcutt's "Network Intrusion Detection," I may not have given Dr. Amoroso's work three stars. Unfortunately, by catering to a niche audience (probably graduate students), this book is not very helpful to folks under fire from malicious Internet users. Dr. Amoroso is very respected in the field, but I would have preferred less process charts and taxonomy descriptions. The publisher does a disservice by stating on the back cover "System administrators, programmers, system and software engineers, and managers of technology will find this book invaluable." Had the book been advertised as a college text, I would have been less critical. Sorry Dr. Amoroso -- I look forward to your next book, though!
Rating:  Summary: Not for practitioners Review: I mistakenly bought this book on (what I thought) was the recommendation from a friend. Whoops. Amoroso's book is apparently aimed at students, not practitioners. The book I really should have bought was Steve Northcutt's Intrusion Detection Handbook, which is superior by a magnitude, at least if you're out in the real world doing real ID. Heck, even if you're still in the classroom, you should choose Northcutt's book over this one. It's the difference between theory and practice, and in the computer security field, theory is a blind alley.
Rating:  Summary: Good theoretical approach Review: This book is not intended as a practitioner's handbook--that is what Northcutt's book is for. Amoroso's book is used as a text in his graduate classes. If you want to understand the subject from a conceptual level, this book succeeds admirably. It is a bit dry, but acceptably so. Given that Amoroso has taught the subject several times, the organization is logical. The sources are extensive (although other academics who have performed research in this area complain that several important references are missing). Don't expect to be able to build an intrusion detection system after reading this book, but if you want an in-depth understanding of the subject, you should probably read it.
Rating:  Summary: Excellent Theoretical AND Practical Book Review: To quote the author, the book contains "Lots of information and no quick fixes." And the book contains exactly that! Bravo! The book is concise, relevant, and very well written. It provides excellent information without getting bogged down in minute theory or implementation details. The book provides a solid but practical theoretical background to intrusion detection. It contains relevant real world examples. It does not contain a bunch of dated "quick fixes" for each type of intrusion problem. (If that is what you want, you need BUGTRAQ or CERT, not a book. By the time an intrusion schema fix hits the press, its solution is out of date!) The book is full of good ideas that are practical and often readily implementable. If you have a hacker/cracker problem, I highly recommend you read this book! It will give you good insight into the types of weaknesses that are exploitable and the types of defenses that are appropriate. There is even a chapter on setting traps to catch hackers. (Hackers and Crackers: Please do not read this book!) Jon R. Kibler, Systems Architect, Advanced Systems Engineering Technology Inc.