My Account
Log in Registration
All
Cart
Highlights
Fiction Books
Non-Fiction Books
Children's Books
Rare Books
Music
DVD & Blu-Ray
Video Games
Category
Wishlists
Cart
All
Free US shipping over $10
Trustpilot
Proud to be B-Corp

Snort Intrusion Detection 2.0 Syngress

Snort Intrusion Detection 2.0 By Syngress

Snort Intrusion Detection 2.0 by Syngress

Reviews:
$9.22
Condition - Good
Only 1 left
Good

Summary

Snort is one of the fastest growing IDSs within corporate IT departments. This book deals with the Snort IDS and is written by a member of Snort.org. It provides insight to the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios.

Faster Shipping

Get this product faster from our US warehouse

Snort Intrusion Detection 2.0 Summary

Snort Intrusion Detection 2.0 by Syngress

The incredible low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments. Snort 2.0 Intrusion Detection is written by a member of Snort.org. The book provides a valuable insight to the code base of Snort and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios. The primary reader will be an individual who has a working knowledge of the TCP/IP protocol, expertise in some arena of IT infrastructure, and is inquisitive about what has been attacking their IT network perimeter every 15 seconds.

Snort Intrusion Detection 2.0 Reviews

"I have been a diehard Snort user and member of the community since day one. Snort is awesome and there are so many incredibly talented people involved with it. I always wished that there was a book that documented everything, and gave lots of very cool information on all of the inner workings. I was psyched when I heard this book was being written, and I orderd it before it came out. I got mine on Friday and spent the weekend reading it. Considering the guys (and gal!) who wrote it, I shouldn't be surprised that the book rocks. Everything you ever wanted to know about Snort is in there. And, you know you are getting it from the Pig's mouth--er, or Snout ;)" - reviewer on Amazon.com

Table of Contents

Foreword Chapter 1 Intrusion Detection Systems Introduction What Is Intrusion Detection Network IDS Host-Based IDS Distributed IDS A Trilogy of Vulnerabilities Directory Traversal Vulnerability CodeRed Worm Nimda Worm What Is an Intrusion Using Snort to Catch Intrusions Why Are Intrusion Detection Systems Important Why Are Attackers Interested in Me Where Does an IDS Fit with the Rest of My Security Plan Doesn't My Firewall Serve as an IDS Where Else Should I Be Looking for Intrusions What Else Can Be Done with Intrusion Detection Monitoring Database Access Monitoring DNS Functions E-Mail Server Protection Using an IDS to Monitor My Company Policy Summary Solutions Fast Track Frequently Asked Questions Chapter 2 Introducing Snort 2.0 Introduction What Is Snort Snort System Requirements Hardware Exploring Snort's Features Packet Sniffer Preprocessor Detection Engine Alerting/Logging Component Using Snort on Your Network Snort's Uses Snort and Your Network Architecture Pitfalls When Running Snort Security Considerations with Snort Snort Is Susceptible to Attacks Securing Your Snort System Summary Solutions Fast Track Frequently Asked Questions Chapter 3 Installing Snort Introduction A Brief Word about Linux Distributions Debian Slackware Gentoo Installing PCAP Installing libpcap from Source Installing libpcap from RPM Installing Snort Installing Snort from Source Customizing Your Installation: Editing the snort.conf File Installing Snort from RPM Installation on the Microsoft Windows Platform Installing Bleeding-Edge Versions of Snort Summary Solutions Fast Track Frequently Asked Questions Chapter 4 Snort: The Inner Workings Introduction Snort Components Capturing Network Traffic Packet Sniffing Decoding Packets Storage of Packets Processing Packets 101 Preprocessors Understanding Rule Parsing and Detection Engines Rules Builder Detection Plug-Ins Output and Logs Snort as a Quick Sniffer Intrusion Detection Mode Snort for Honeypot Capture and Analysis Logging to Databases Alerting Using SNMP Barnyard and Unified Output Summary Solutions Fast Track Frequently Asked Questions Chapter 5 Playing by the Rules Introduction Understanding Configuration Files Defining and Using Variables Including Rule Files The Rule Header Rule Action Options Supported Protocols Assigning Source and Destination IP Addresses to Rules Assigning Source and Destination Ports Understanding Direction Operators Activate and Dynamic Rule Characteristics The Rule Body Rule Content Components of a Good Rule Action Events Ensuring Proper Content Merging Subnet Masks Testing Your Rules Stress Tests Individual Snort Rule Tests Berkeley Packet Filter Tests Tuning Your Rules Configuring Rule Variables Disabling Rules Berkeley Packet Filters Summary Solutions Fast Track Frequently Asked Questions Chapter 6 Preprocessors Introduction What Is a Preprocessor Preprocessor Options for Reassembling Packets The stream4 Preprocessor frag2-Fragment Reassembly and Attack Detection Preprocessor Options for Decoding and Normalizing Protocols Telnet Negotiation HTTP Normalization rpc_decode Preprocessor Options for Nonrule or Anomaly-Based Detection portscan Back Orifice General Nonrule-Based Detection Experimental Preprocessors arpspoof asn1_decode fnord portscan2 and conversation perfmonitor Writing Your Own Preprocessor Reassembling Packets Decoding Protocols Nonrule or Anomaly-Based Detection Setting Up My Preprocessor What Am I Given by Snort Adding the Preprocessor into Snort Summary Solutions Fast Track Frequently Asked Questions Chapter 7 Implementing Snort Output Plug-Ins Introduction What Is an Output Plug-In Key Components of an Output Plug-In Exploring Output Plug-In Options Default Logging Syslog PCAP Logging Snortdb Unified Logs Writing Your Own Output Plug-In Why Should I Write an Output Plug-In Setting Up My Output Plug-In Dealing with Snort Output Summary Solutions Fast Track Frequently Asked Questions Chapter 8 Exploring the Data Analysis Tools Introduction Using Swatch Performing a Swatch Installation Configuring Swatch Using Swatch Using ACID Installing ACID Configuring ACID Using ACID Using SnortSnarf Installing SnortSnarf Configuring Snort to Work with SnortSnarf Basic Usage of SnortSnarf Using IDScenter Installing IDScenter Configuring IDScenter Basic Usage of IDScenter Summary Solutions Fast Track Frequently Asked Questions Chapter 9 Keeping Everything Up to Date Introduction Applying Patches Updating Rules How Are the Rules Maintained How Do I Get Updates to the Rules How Do I Merge These Changes Testing Rule Updates Testing the New Rules Watching for Updates Mailing Lists and News Services to Watch Summary Solutions Fast Track Frequently Asked Questions Chapter 10 Optimizing Snort Introduction How Do I Choose What Hardware to Use What Constitutes "Good" Hardware How Do I Test My Hardware How Do I Choose What Operating System to Use What Makes a "Good" OS for a NIDS What OS Should I Use How Do I Test My OS Choice Speeding Up Your Snort Installation Deciding Which Rules to Enable Configuring Preprocessors for Speed Using Generic Variables Choosing an Output Plug-In Benchmarking Your Deployment Benchmark Characteristics What Options Are Available for Benchmarking Summary Solutions Fast Track Frequently Asked Questions Chapter 11 Mucking Around with Barnyard Introduction 2 What Is Barnyard Preparation and Installation of Barnyard How Does Barnyard Work Using the Barnyard Configuration File Barnyard Innards Create and Display a Binary Log Output File What Are the Output Options for Barnyard But I Want My Output Like "This" An Example Output Plug-In Summary Solutions Fast Track Frequently Asked Questions Chapter 12 Advanced Snort Introduction Policy-Based IDS Defining a Network Policy for the IDS An Example of Policy-Based IDS Policy-Based IDS in Production Inline IDS Where Did the Inline IDS for Snort Come From Installation of Snort in Inline Mode Using Inline IDS to Protect Your Network Summary Solutions Fast Track Frequently Asked Questions Index

Additional information

CIN1931836744G
9781931836746
1931836744
Snort Intrusion Detection 2.0 by Syngress
Syngress
Used - Good
Paperback
Syngress Media,U.S.
2003-05-11
550
N/A
Book picture is for illustrative purposes only, actual binding, cover or edition may vary.
This is a used book - there is no escaping the fact it has been read by someone else and it will show signs of wear and previous use. Overall we expect it to be in good condition, but if you are not entirely satisfied please get in touch with us

Customer Reviews - Snort Intrusion Detection 2.0