Intrusion Detection with SNORT

Intrusion Detection with SNORT
by Jack Koziol

Download Book
(Respecting the intellectual property of others is utmost important to us, we make every effort to make sure we only link to legitimate sites, such as those sites owned by authors and publishers. If you have any questions about these links, please contact us.)

link 1
link 2

About Book

Slashdot
Overall Koziol's book is a valuable text for learning Intrusion Detection with the world's premier open source IDS

Gortbusters.org
"For security, it's nice to have a book to get some more robust information than the 2 page onliners."

Book Description

With over 100,000 installations, the Snort open-source network instrusion detection system is combined with other free tools to deliver IDS defense to medium - to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets.

Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experience snort administrators and covers thousands of rules and known exploits.

The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running.

Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.

Download Description
With over 100,000 installations, the Snort open-source network intrusion detection system is combined with other free tools to deliver IDS defense to medium-to-small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets.Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experienced Snort administrators and covers thousands of rules and known exploits. The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their system up and running. Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.

From the Back Cover

Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experience snort administrators and covers thousands of rules and known exploits.

The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running.

About the Author

Jack Koziol is the Information Security Officer at a major Chicago-area financial institution, responsible for security enterprise-wide. Previously, he has held information security positions at an online health care company and a point-of-care Internet-based pharmacy. Jack has written for Information Security magazine, and released several whitepapers on intrusion detection. He teaches the CISSP and "Hack and Defend" courses.

Jack has architected, maintained, and managed Snort and other IDS technologies in large production environments since 1998. He has also written Snort signature sets designed for specific applications.

Comments

SEND A COMMENT

PLEASE READ: All comments must be approved before appearing in the thread; time and space constraints prevent all comments from appearing. We will only approve comments that are directly related to the article, use appropriate language and are not attacking the comments of others.