| Overview
Intrusion detection is not for the faint at heart. But, if you are
a network administrator chances are you're under increasing
pressure to ensure that mission-critical systems are safe--in fact
impenetrable--from malicious code, buffer overflows, stealth port
scans, SMB probes, OS fingerprinting attempts, CGI attacks, and
other network intruders. Designing a reliable way to detect
intruders before they get in is a vital but daunting challenge.
Because of this, a plethora of complex, sophisticated, and pricy
software solutions are now available. In terms of raw power and
features, SNORT, the most commonly used Open Source Intrusion
Detection System, (IDS) has begun to eclipse many expensive
proprietary IDSes. In terms of documentation or ease of use,
however, SNORT can seem overwhelming. Which output plugin to use?
How do you to email alerts to yourself? Most importantly, how do
you sort through the immense amount of information Snort makes
available to you? Many intrusion detection books are long on theory
but short on specifics and practical examples. Not Managing
Security with Snort and IDS Tools. This new book is a thorough,
exceptionally practical guide to managing network security using
Snort 2.1 (the latest release) and dozens of other high-quality
open source other open source intrusion detection programs.
Managing Security with Snort and IDS Tools covers reliable
methods for detecting network intruders, from using simple packet
sniffers to more sophisticated IDS (Intrusion Detection Systems)
applications and the GUI interfaces for managing them. A
comprehensive but concise guide for monitoring illegal entry
attempts, this invaluable new book explains how to shut down and
secure workstations, servers, firewalls, routers, sensors and other
network devices. Step-by-step instructions are provided to quickly
get up and running with Snort. Each chapter includes links for the
programs discussed, and additional links at the end of the book
give administrators access to numerous web sites for additional
information and instructional material that will satisfy even the
most serious security enthusiasts. Managing Security with Snort
and IDS Tools maps out a proactive--and effective--approach to
keeping your systems safe from attack.
Editorial ReviewsProduct DescriptionIntrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe--in fact impenetrable--from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is a vital but daunting challenge. Because of this, a plethora of complex, sophisticated, and pricy software solutions are now available. In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. Which output plugin to use? How do you to email alerts to yourself? Most importantly, how do you sort through the immense amount of information Snort makes available to you? Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools. This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source other open source intrusion detection programs. Managing Security with Snort and IDS Tools covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book explains how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices. Step-by-step instructions are provided to quickly get up and running with Snort. Each chapter includes links for the programs discussed, and additional links at the end of the book give administrators access to numerous web sites for additional information and instructional material that will satisfy even the most serious security enthusiasts. Managing Security with Snort and IDS Tools maps out a proactive--and effective--approach to keeping your systems safe from attack. |
Other Readers Also Read | Top Sellers in This Category | Browse Similar Topics | | | Top Level Categories:Sub-Categories: | | | | |
Reader Reviews From Amazon (Ranked by 'Helpfulness') Average Customer Rating: based on 8 reviews. Excellent coverage of a complex topic, 2008-01-05 Reviewer rating:
A well-rounded treatment of Snort and IDS in general. The refresher on packet structure is welcome and necessary. While there is a lot of good free material on Snort out on the net, this book is a positive addition to the library for anyone who works with intrusion detection systems, specifically Snort. | Intrusion Detection for Professionals, 2007-11-09 Reviewer rating: This book is more than a great overview of Intrusion Detection and Defense in Depth using Snort. The authors provide details on packet inspection, configuring Snort, rulesets, and tuning. Then, they take the reader through implementation procedures for Snort with essential tools that make it more useful, MYSQL and ACID. Although the implementation section was limited to the Linux environment, a determined networker can, armed with this book and Internet access, make Snort work in Windows. The authors assume the reader has a knowledge of networking protocols. | Just what I needed, 2007-08-31 Reviewer rating: The information I wanted when I bought this book is there. This book will be like my Unix in a Nut Shell book. Heavily used, heavily book marked, with dog eared pages as I keep going back to various sections for additional information.
That is the sign of a good book. Well used.
Dan | Snort made easy!, 2006-03-10 Reviewer rating: O'Reilly's "Managing Security with Snort and IDS Tools" by Cox and Greg is a practical book that succinctly describes the basic functionality and utility of implanting Snort. The book does an excellent job at discussing the different configuration parameters when deploying Snort.
In particular, I was impressed by:
* Page 35 - A 5-page list detailing the different options available via the command-line.
* Page 69 - Details some of the techniques used to evade IDSs.
* Chapter 5's description of preprocessor configurations was a valuable tool to a newbie of UNIX.
* Chapter 10 description of ACID as a Snort IDS Management Console.
The only area I wish the authors expanded on was in Chapter 7 "Creating Your Own Rules". This area can easily be supplemented from documentation on the web.
The book has a natural bias toward elevating open source tools (I am fan of open source tools). Appreciating that fact, I must admit I have used this book when I have been describing the value of open source tools. Overall, I think "Managing Security with Snort and IDS Tools" is a valuable addition to anyone's Snort arsenal.
I give this book 4 pings out of 5:
!!!.! | Excellent!, 2005-02-28 Reviewer rating: Managing Security with Snort and IDS Tools is just a great book.
Don't even try to use Snort without reading this book first. |
Some information above was provided using data from Amazon.com. View at Amazon > |
| |
|
|
