Comment Re:.... (Score 2) 76
You may also want to check out Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response by Edward Amoroso. I think it's a good introduction to the topics which covers a bunch of the theory behind this stuff.
I've also looked at Intrusion Detection: Network Security Beyond the Firewall by Terry Escamilla, and it's not bad.
I know I've got another book lying around somewhere, but I can't find it and don't remember who wrote it.
"It is easy to run a secure computer system. You merely have to disconnect all dial-up connections and permit only direct-wired terminals, put the machine and its terminals in a shielded room, and post a guard at the door." - F.T. Grampp and R. H. Morris.