Intrusion Detection with Snort [Paperback]

Jack Koziol
4.4 out of 5 stars (14 customer reviews)

Product Description

Book Description

With over 100,000 installations, the Snort open-source network intrusion detection system is combined with other free tools to deliver IDS defense to medium- to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets.

Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experienced Snort administrators and covers thousands of rules and known exploits.

The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running.

Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.


Customer Reviews

14 Reviews
5 star: (10)
4 star: (2)
3 star: (0)
2 star: (1)
1 star: (1)
Most helpful customer reviews

4.0 out of 5 stars A keeper, May 7 2004
By A Customer
This review is from: Intrusion Detection with Snort (Paperback)
The solid ratings and reviews for this book are appropriate. It is well written, informative, and moves at a nice clip. Very helpful considering the modest documentation available on the snort site.


5.0 out of 5 stars A comprehensive and instructive book, Feb 18 2004
By akempo "akempo" (Lexington, SC United States)
This review is from: Intrusion Detection with Snort (Paperback)
When I first got this book, I had little idea what Snort did, other than being used for intrusion detection. And while I'm not an expert in Snort now that I've finished it, the book is simply a comprehensive step by step guide to using this useful tool. I am not an expert in computer security by any stretch, but I've read enough computer books to know intelligent, useful information when I read it. Although I do not have a big enough box to run Snort, I feel confident that using the author's instructions as a guideline along with some common sense I could get it up and running, which I will be doing in the near future. I particularly liked the fact that the author discussed other add ons and software that are essential or ease using Snort, but are not part of Snort itself.
The book is laid out in a logical, easy to understand manner, and I will definitely be using this as my reference once I get a box I can put it on.


4.0 out of 5 stars Helpful book, Linux-centric, Dec 29 2003
By Keith Tokash "twigles" (Laguna Niguel, CA United States)
This review is from: Intrusion Detection with Snort (Paperback)
This is a very handy book, if only because it presents a lot of Snort documentation in a friendly, easy-to-read format. Is every chapter a joyous literary experience? No. But it beats reading manpages and after a few hours of reading from my monitor my eyes sting.

So the material.... This book introduces Snort, what it is/does, etc, then moves on to how it works. I really enjoyed chapter 3, which looks into all the preprocessors and a brief description of Snort's order of operations and modularity.

I would especially recommend chapters 4 and 5 to new Snorters since design issues comprise a huge part of the questions posed to the Snort mailing list, most of which have easy or standard answers. After that, the installation/configuration chapters demonstrate how to get a running setup using RedHat.

I've read a couple complaints in earlier reviews that these instructions don't work and I must say that it is exceedingly difficult to write an installation procedure that incorporates half a dozen different pieces of software, all of which are under separate development. I actually know about this because I maintain the FreeBSD install guide on the snort site and the instructions that work one week are slightly off the next week. Use the instructions in this book as a guide and you probably won't have much dirty work to figure out on your own.

The rest of the book gets into the nitty-gritty of using Snort and I think it does a pretty good job. This includes tuning signature sets to use less memory/CPU and to generate more reliable alerts. False positives are the bane of the IDS world. If you're new to Snort/IDS then you'll enjoy learning of several great tools like Swatch and Barnyard that this book explores.

Overall I think this book is well worth the 31 clams I coughed up on Amazon.
