This book is a survey of the basics. An introduction would not be fair because no topic is covered in depth.
What I was expecting to be the core of the book, Packet Analysis and Statistical Flow Analysis, were very fundamental concepts and had little technical depth.
The techniques in Packet Analysis had little insight, only a description of a series of non-integrated tools to describe a broken process. A single tshark command could have summarized much of the discussed content in this chapter.
Statistical Flow Analysis was similar in technical merit. The chapter covered a series of tools and had little value. The concept of flow, triggered flow or the trade secrets for flow analysis were not even discussed.
The most disappointing chapter was the Wireless, Chapter-6. If you have ever looked at the 802.11 protocol, this chapter is pointless. There are no new ideas or techniques described. Further, fundamental information about the specifics within the protocol is missing.
However, there were some redeeming chapters. The legal section covered at the beginning was very well done. Further, Chapter-7, IDS, was not horrible. However, if this was your first exposure to IDS, you will just be confused and find nothing useful. Chapter-12 was good.
If more of the book covered topics discussed in Chapter-12, it would have better met my expectations. This book is not for someone that understands network security, but instead for those with little understanding of Network Security/Forensics that wish to get a list of topics for independent research.