Snort Intrusion Detection 2.0 (Google eBook)
The incredibly low maintenance costs of Snort, combined with its powerful security features, make it one of the fastest-growing IDSs within corporate IT departments.
Snort 2.0 Intrusion Detection is the first book dealing with the Snort IDS and is written by a member of Snort.org. Readers will receive valuable insight into the code base of Snort and in-depth tutorials on complex installation, configuration, and troubleshooting scenarios.
The primary reader will be an individual who has a working knowledge of the TCP/IP protocol, expertise in some arena of IT infrastructure, and is inquisitive about what has been attacking their IT network perimeter every 15 seconds.
The most up-to-date and comprehensive coverage for Snort 2.0!
Expert Advice from the Development Team and Step-by-Step Instructions for Installing, Configuring, and Troubleshooting the Snort 2.0 Intrusion Detection System
Free CD Contains the Latest Version of Snort and Popular Plug-Ins Including ACID, Barnyard, and Swatch
Chapter 10 Optimizing Snort
Chapter 11 Mucking Around with Barnyard
Chapter 12 Advanced Snort
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING DISTRIBUTION AND MODIFICATION
END OF TERMS AND CONDITIONS
SYNGRESS PUBLISHING LICENSE AGREEMENT
Chapter 9 Keeping Everything Up to Date