Snort intrusion detection

✍ Scribed by Koziol, Jack


Publisher: Sams Publishing
Year: 2003
Tongue: English
Leaves: 360
Category: Library


✦ Table of Contents


  1. Intrusion Detection Primer. IDSs Come in Different Flavors. Methods of Detecting Intrusions. Origin of Attacks. Orchestrating an Attack. The IDS Reality. Summary.
  2. Network Intrusion Detection with Snort. Snort's Specifications. Detecting Suspicious Traffic via Signatures. Detecting Suspicious Traffic via Heuristics. Gathering Intrusion Data. Alerting via Output Plug-ins. Prioritizing Alerts. Distributed Snort Architecture. Securing Snort. Shortcomings. Summary.
  3. Dissecting Snort. Feeding Snort Packets with Libpcap. Preprocessors. The Detection Engine. Output Plugins. Summary.
  4. Planning for the Snort Installation. Defining an IDS Policy. Deciding What to Monitor. Designing Your Snort Architecture. Planning for Maintenance. Incident Response Plan. Responding to an Incident. Restoring to a Normal State. Summary.
  5. The Foundation-Hardware and Operating Systems. Hardware Performance Metrics. Picking a Platform. The Monitoring Segment. Distributing Traffic to Multiple Sensors. Summary.
  6. Building the Server. Installation Guide Notes. Red Hat Linux 7.3. Post-Installation Tasks. Installing the Snort Server Components. Summary.
  7. Building the Sensor. Installation Guide Notes. Installing the Snort Sensor Components. Installing Snort. Implementing Barnyard. Summary.
  8. Building the Analyst's Console. Windows. Linux. Testing the Console. Working with ACID. Summary.
  9. Additional Installation Methods. The Hybrid Server/Sensor. Snort on OpenBSD. Snort on Windows. Summary.
  10. Tuning and Reducing False Positives. Pre-Tuning Activities. Tuning the Network for Snort. Filtering Traffic with Snort. Tuning the Preprocessors. Refining the Ruleset. Organize Your Rules. Designing a Targeted Ruleset. Tuning MySQL. Tuning ACID. Summary.
  11. Real-Time Alerting. An Overview of Real-Time Alerting with Snort. Prioritization of Alerts. Alerting with the Hybrid. Alerting with Distributed Snort.
  12. Basic Rule Writing. Fundamental Rule Writing Concepts. Rule Syntax. Writing Rules. Summary.
  13. Upgrading and Maintaining Snort. Choosing a Snort Management Application. IDS Policy Manager. SnortCenter. Upgrading Snort. Summary.
  14. Advanced Topics in Intrusion Prevention. A Warning Concerning Intrusion Prevention. Planning an Intrusion Prevention Strategy. Snort Inline Patch. SnortSam. Summary.
  Appendix A. Troubleshooting. Snort Issues. ACID Issues. IDS Strategy.
  Appendix B. Rule Documentation.
  Index.

✦ Subjects


Computer networks -- security measures; Computer security


📜 SIMILAR VOLUMES


Intrusion Detection with Snort
✍ Jack Koziol 📂 Library 📅 2003 🏛 Sams 🌐 English

This book is a bit out of date, dealing with issues from Snort 1.8 and RedHat 7.3. I think I glanced at it for about 1 hour total. Just put it on the bookshelf next to the Snort Intrusion Detection 2.0 book which was (if you ask me) a complete reference.

Intrusion Detection with Snort
✍ Jack Koziol 📂 Library 📅 2003 🌐 English

With over 100,000 installations, the Snort open-source network intrusion detection system is combined with other free tools to deliver IDS defense to medium- to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets. Until

Snort 2.0 Intrusion Detection
✍ Brian Caswell, Jay Beale, James C. Foster, Jeremy Faircloth 📂 Library 📅 2003 🏛 Syngress 🌐 English

As many others have said, this book had a lot of errors. Mostly in language and what not. It's seriously outdated now, and a new edition is needed (and appears to be on its way).

Snort 2.0 Intrusion Detection
✍ Beale J., Foster J.C., Posluns J. 📂 Library 📅 2003 🌐 English

The incredibly low maintenance costs of Snort combined with its powerful security features make it one of the fastest growing IDSs within corporate IT departments. Complete with a free CD containing Snort 2.0 plus popular plug-ins including ACID, Barnyard, and Swatch, Snort 2.0 Intrusion Detection i

Snort 2.1 Intrusion Detection
✍ Jay Beale, Caswell 📂 Library 📅 2004 🏛 Syngress 🌐 English

Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead en