Not sure if there is an interest for Network Security Monitoring here but I have recently reread Richard Bejtlich's NSM: Understanding Incident Detection and Response.
Great book for the understanding of the overall (25000' view) NSM setup and some tools.
It goes into great detail about the setup of a system that would work, testing and placement.
Basically a good setup guide.
Now a criticism I have, thats about all, the books is pretty bland and lacking if you look at it in comparison to his Tao of NSM:Beyond Intrusion Detection
Which goes into NSM in far more detail with some great examples of a plethora of tools
Reading both is great combination and should give you a broad perspective of NSM.
-Cheers
Great book for the understanding of the overall (25000' view) NSM setup and some tools.
It goes into great detail about the setup of a system that would work, testing and placement.
Basically a good setup guide.
Now a criticism I have, thats about all, the books is pretty bland and lacking if you look at it in comparison to his Tao of NSM:Beyond Intrusion Detection
Which goes into NSM in far more detail with some great examples of a plethora of tools
Reading both is great combination and should give you a broad perspective of NSM.
-Cheers