Snort Intrusion Detection 2.0
The incredibly low maintenance costs of Snort, combined with its powerful security features, make it one of the fastest growing IDSs within corporate IT departments.
Snort 2.0 Intrusion Detection is written by a member of Snort.org. The book provides valuable insight into the code base of Snort and in-depth tutorials on complex installation, configuration, and troubleshooting scenarios.
The primary reader will be an individual who has a working knowledge of the TCP/IP protocol and expertise in some arena of IT infrastructure, and who is inquisitive about what has been attacking their IT network perimeter every 15 seconds.
Chapter 3 Installing Snort
The Inner Workings
Chapter 5 Playing by the Rules
Chapter 6 Preprocessors
Chapter 7 Implementing Snort Output PlugIns
Chapter 8 Exploring the Data Analysis Tools
Chapter 9 Keeping Everything Up to Date
Chapter 10 Optimizing Snort