Table of Contents
Previous Section Next Section


1. Stephen Northcutt and Judy Novak , Network Intrusion Detection: An Analyst's Handbook, 2nd Edition, New Riders, Indianapolis 2001, ISBN: 0-7357-1008-2 (Paperback).

2. Lance Spitzner , Honeypots: Tracking Hackers, Addison-Wesley, Boston 2003, ISBN: 0-321-10895-7 (Paperback).

3. E. Eugene Schultz, Ph.D, "The MSBlaster worm: going from bad to worse," Network Security, October 2003, pp. 4-8.

4. Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Kent Frederick, and Ronald W. Ritchey , Inside Network Perimeter Security, New Riders, Indianapolis 2003, ISBN: 0-73571-232-8 (Paperback).

5. W. Richard Stevens , TCP/IP Illustrated, Addison-Wesley, Boston 1994, ISBN: 0-201-63346-9 (Hardcover).

6. Rafeeq Ur Rehman , "Intrusion Detection with SNORT," Prentice Hall, Upper Saddle River, 2003, ISBN: 0-13-140733-3 (Paperback).

7. Thomas H. Ptacek and Timothy N. Newsham , "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection," January 1998,

8. Xuxian JiangDongyan Xu , "Collapsar: A VM-Based Architecture for Network Attack Detection Center," 13th Usenix Security Symposium, 2004, pp. 15-28.

9. Ofrin Arkin, Edward Balas, Brian Carrier, Roshen Chandran, Anton Chuvakin, Michael Clark, Eric Cole, Yannis Corovesis, Jeff Dell, J. RaulGarcia Zapata, Max Kilger, Charalambos Koutsouris, Richard LaBella, Rob Lee, Costas Magkos, Patrick McCarty, Doin Mendel, Yannis Papapanos, Richard P. Salgado, Lance Spitzner and Jeff Jtutzman , "Know Your Enemy," The Honeynet Project, 2nd Edition, Addison-Wesley, Boston 2004, ISBN: 0-321-16646-9 (Paperback).

10. Douglas E. Comer , Internetworking with TCP/IP, Prentice Hall, Upper Saddle River 2000, 1995, ISBN: 0-13-018380-6 (Hardcover).

11. The TCPDump public repository,

12. "Ethereal: A Network Analyzer,"

13. Elias Levy , private communication, 2004.

14. Winpcap,

15. Frederic Perriot , private communication, 2004.

    Table of Contents
    Previous Section Next Section