On Mon, Apr 16, 2007 at 01:45:36AM -0700, Clint Pachl scribbled:
[snip]
# The Tao of Network Security Monitoring: Beyond Intrusion Detection,
# <http://www.amazon.com/gp/product/0321246772/ref=wl_it_dp/103-5124063-8263036?ie=UTF8&coliid=IHNHJ98G36HX1&colid=1B2FORVUWNNME>
# by Richard Bejtlich
# <http://www.amazon.com/gp/product/0321246772/ref=wl_it_dp/103-5124063-8263036?ie=UTF8&coliid=IHNHJ98G36HX1&colid=1B2FORVUWNNME>

This is the only one I can comment on, having read it cover to cover sometime last year.

First off, it is excellent. This title is effectively 'first in a series', in a sense; it forms the groundwork for an understanding that can only come with lots of practice. It covers a few of the topics you noted, including architecture, best practices, and a lot on monitoring (obviously!). It's all well thought through and having spoken to Richard on a number of occasions, you won't find a better person to describe such a topic.

I bought it in a store a number of hours south of here on an impulse. I can say it was the best impulse buy I've *ever* made. I'll leave it at that.

--
Jonathan Towne