Copyright © Blue Team Handbook. All rights reserved.
When I started in the information technology business, I went to this old dude on a military base and asked him what to read. He said, “Son, read Douglas Comer's book on TCP.” I bought the book, read a chapter and it gathered dust for 2 years. I struggled. One day when I was at my wit's end, I picked up that book and started reading. It was as if the fog of network stupidity was lifted. I am going back in time with this book as a gift to the younger me right after I finished Comer. If I started in the business then with this book I would be the incident response version of Biff Tannen, “the Luckiest Man on Earth.” Every time an incident response issue would pop up I would be right there ferreting out the evil packets, getting to the root cause, knowing where and when to look. This book is the “Gray's Sports Almanac” of Incident Response. Read it, keep it with you every time you go to the track… I mean go to an incident. It is a sure thing.
Don, I am pissed at you! Where was this book when I started in the business? My life would have been a great deal simpler. I could have read this book, understood every word and been ready for incident response. Well actually… This book is not for the NooBe. This book requires that you have a firm grounding in the tools listed, a good grasp of the concepts and a willingness to apply these great suggestions to your particular situation. It is all here. If I was new to incident response I would keep this book in my jump kit. I would practice these skills. I will keep this book with me. Don, you make me worth what I charge for consulting.